summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--po/de.po368
-rw-r--r--po/es.po368
-rw-r--r--po/fr.po366
-rw-r--r--po/id.po368
-rw-r--r--po/it.po368
-rw-r--r--po/ja.po366
-rw-r--r--po/nl.po366
-rw-r--r--po/pl.po368
-rw-r--r--po/pt.po368
-rw-r--r--po/ru.po368
-rw-r--r--po/sssd.pot366
-rw-r--r--po/sv.po368
-rw-r--r--po/uk.po368
-rw-r--r--po/zh_TW.po368
-rw-r--r--src/man/po/cs.po1150
-rw-r--r--src/man/po/es.po1153
-rw-r--r--src/man/po/nl.po1155
-rw-r--r--src/man/po/pl.po1137
-rw-r--r--src/man/po/sssd-docs.pot1128
-rw-r--r--src/man/po/uk.po1209
20 files changed, 7254 insertions, 4822 deletions
diff --git a/po/de.po b/po/de.po
index 8d1633cae..73deaf9c8 100644
--- a/po/de.po
+++ b/po/de.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSS\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-04-27 11:41-0400\n"
+"POT-Creation-Date: 2011-08-02 15:55-0400\n"
"PO-Revision-Date: 2009-12-09 11:13+0100\n"
"Last-Translator: Fabian Affolter <fab@fedoraproject.org>\n"
"Language-Team: German <fedora-trans-de@redhat.com>\n"
@@ -90,570 +90,620 @@ msgstr ""
msgid "The value of the password field the NSS provider should return"
msgstr ""
+#: src/config/SSSDConfig.py:61
+msgid "Override homedir value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:62
+msgid "The list of shells users are allowed to log in with"
+msgstr ""
+
#: src/config/SSSDConfig.py:63
-msgid "How long to allow cached logins between online logins (days)"
+msgid ""
+"The list of shells that will be vetoed, and replaced with the fallback shell"
msgstr ""
#: src/config/SSSDConfig.py:64
+msgid ""
+"If a shell stored in central directory is allowed but not available, use "
+"this fallback"
+msgstr ""
+
+#: src/config/SSSDConfig.py:67
+msgid "How long to allow cached logins between online logins (days)"
+msgstr ""
+
+#: src/config/SSSDConfig.py:68
msgid "How many failed logins attempts are allowed when offline"
msgstr ""
-#: src/config/SSSDConfig.py:65
+#: src/config/SSSDConfig.py:69
msgid ""
"How long (minutes) to deny login after offline_failed_login_attempts has "
"been reached"
msgstr ""
-#: src/config/SSSDConfig.py:66
+#: src/config/SSSDConfig.py:70
msgid "What kind of messages are displayed to the user during authentication"
msgstr ""
-#: src/config/SSSDConfig.py:67
+#: src/config/SSSDConfig.py:71
msgid "How many seconds to keep identity information cached for PAM requests"
msgstr ""
-#: src/config/SSSDConfig.py:68
+#: src/config/SSSDConfig.py:72
msgid "How many days before password expiration a warning should be displayed"
msgstr ""
-#: src/config/SSSDConfig.py:71
+#: src/config/SSSDConfig.py:75
msgid "Identity provider"
msgstr ""
-#: src/config/SSSDConfig.py:72
+#: src/config/SSSDConfig.py:76
msgid "Authentication provider"
msgstr ""
-#: src/config/SSSDConfig.py:73
+#: src/config/SSSDConfig.py:77
msgid "Access control provider"
msgstr ""
-#: src/config/SSSDConfig.py:74
+#: src/config/SSSDConfig.py:78
msgid "Password change provider"
msgstr ""
-#: src/config/SSSDConfig.py:77
+#: src/config/SSSDConfig.py:81
msgid "Minimum user ID"
msgstr ""
-#: src/config/SSSDConfig.py:78
+#: src/config/SSSDConfig.py:82
msgid "Maximum user ID"
msgstr ""
-#: src/config/SSSDConfig.py:79
+#: src/config/SSSDConfig.py:83
msgid "Enable enumerating all users/groups"
msgstr ""
-#: src/config/SSSDConfig.py:80
+#: src/config/SSSDConfig.py:84
msgid "Cache credentials for offline login"
msgstr ""
-#: src/config/SSSDConfig.py:81
+#: src/config/SSSDConfig.py:85
msgid "Store password hashes"
msgstr ""
-#: src/config/SSSDConfig.py:82
+#: src/config/SSSDConfig.py:86
msgid "Display users/groups in fully-qualified form"
msgstr ""
-#: src/config/SSSDConfig.py:83
+#: src/config/SSSDConfig.py:87
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig.py:84
+#: src/config/SSSDConfig.py:88
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig.py:85
+#: src/config/SSSDConfig.py:89
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig.py:86
+#: src/config/SSSDConfig.py:90
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig.py:87
+#: src/config/SSSDConfig.py:91
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig.py:90
+#: src/config/SSSDConfig.py:92
+msgid "Override GID value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:95
msgid "IPA domain"
msgstr "IPA-Domain"
-#: src/config/SSSDConfig.py:91
+#: src/config/SSSDConfig.py:96
msgid "IPA server address"
msgstr "IPA-Serveradresse"
-#: src/config/SSSDConfig.py:92
+#: src/config/SSSDConfig.py:97
msgid "IPA client hostname"
msgstr "IPA-Client-Rechnername"
-#: src/config/SSSDConfig.py:93
+#: src/config/SSSDConfig.py:98
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig.py:94
+#: src/config/SSSDConfig.py:99
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig.py:95
+#: src/config/SSSDConfig.py:100
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig.py:98 src/config/SSSDConfig.py:99
+#: src/config/SSSDConfig.py:101
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig.py:102
+msgid "If DENY rules are present, either DENY_ALL or IGNORE"
+msgstr ""
+
+#: src/config/SSSDConfig.py:105 src/config/SSSDConfig.py:106
msgid "Kerberos server address"
msgstr "Kerberos-Serveradresse"
-#: src/config/SSSDConfig.py:100
+#: src/config/SSSDConfig.py:107
msgid "Kerberos realm"
msgstr "Kerberos Realm"
-#: src/config/SSSDConfig.py:101
+#: src/config/SSSDConfig.py:108
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig.py:104
+#: src/config/SSSDConfig.py:111
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig.py:105
+#: src/config/SSSDConfig.py:112
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig.py:106
+#: src/config/SSSDConfig.py:113
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig.py:107
+#: src/config/SSSDConfig.py:114
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig.py:108
+#: src/config/SSSDConfig.py:115
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig.py:109
+#: src/config/SSSDConfig.py:116
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig.py:110
+#: src/config/SSSDConfig.py:117
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig.py:111
+#: src/config/SSSDConfig.py:118
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig.py:112
+#: src/config/SSSDConfig.py:119
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig.py:115
+#: src/config/SSSDConfig.py:122
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig.py:118
+#: src/config/SSSDConfig.py:125
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig.py:119
+#: src/config/SSSDConfig.py:126
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig.py:120
+#: src/config/SSSDConfig.py:127
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig.py:121
+#: src/config/SSSDConfig.py:128
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig.py:122
+#: src/config/SSSDConfig.py:129
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig.py:123
+#: src/config/SSSDConfig.py:130
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig.py:124
+#: src/config/SSSDConfig.py:131
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig.py:125
+#: src/config/SSSDConfig.py:132
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig.py:126
+#: src/config/SSSDConfig.py:133
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig.py:127
+#: src/config/SSSDConfig.py:134
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig.py:128
+#: src/config/SSSDConfig.py:135
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig.py:129
+#: src/config/SSSDConfig.py:136
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig.py:130
+#: src/config/SSSDConfig.py:137
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig.py:131
+#: src/config/SSSDConfig.py:138
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig.py:132
+#: src/config/SSSDConfig.py:139
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig.py:133
+#: src/config/SSSDConfig.py:140
msgid "Require TLS certificate verification"
msgstr ""
-#: src/config/SSSDConfig.py:134
+#: src/config/SSSDConfig.py:141
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig.py:135
+#: src/config/SSSDConfig.py:142
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig.py:136
+#: src/config/SSSDConfig.py:143
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig.py:137
+#: src/config/SSSDConfig.py:144
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig.py:138
+#: src/config/SSSDConfig.py:145
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig.py:139
+#: src/config/SSSDConfig.py:146
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig.py:140
+#: src/config/SSSDConfig.py:147
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig.py:141
+#: src/config/SSSDConfig.py:148
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig.py:142
+#: src/config/SSSDConfig.py:149
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig.py:143
+#: src/config/SSSDConfig.py:150
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig.py:145
+#: src/config/SSSDConfig.py:151
+msgid "The number of members that must be missing to trigger a full deref"
+msgstr ""
+
+#: src/config/SSSDConfig.py:153
#, fuzzy
msgid "entryUSN attribute"
msgstr "UID-Attribut"
-#: src/config/SSSDConfig.py:146
+#: src/config/SSSDConfig.py:154
#, fuzzy
msgid "lastUSN attribute"
msgstr "UID-Attribut"
-#: src/config/SSSDConfig.py:149
+#: src/config/SSSDConfig.py:157
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig.py:150
+#: src/config/SSSDConfig.py:158
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig.py:151
+#: src/config/SSSDConfig.py:159
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig.py:152
+#: src/config/SSSDConfig.py:160
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig.py:153
+#: src/config/SSSDConfig.py:161
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig.py:154
+#: src/config/SSSDConfig.py:162
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig.py:155
+#: src/config/SSSDConfig.py:163
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig.py:156
+#: src/config/SSSDConfig.py:164
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig.py:157
+#: src/config/SSSDConfig.py:165
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig.py:158
+#: src/config/SSSDConfig.py:166
msgid "Username attribute"
msgstr "Benutzername-Attribut"
-#: src/config/SSSDConfig.py:160
+#: src/config/SSSDConfig.py:168
msgid "UID attribute"
msgstr "UID-Attribut"
-#: src/config/SSSDConfig.py:161
+#: src/config/SSSDConfig.py:169
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:162
+#: src/config/SSSDConfig.py:170
msgid "GECOS attribute"
msgstr "GECOS-Attribut"
-#: src/config/SSSDConfig.py:163
+#: src/config/SSSDConfig.py:171
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig.py:164
+#: src/config/SSSDConfig.py:172
msgid "Shell attribute"
msgstr "Shell-Attribut"
-#: src/config/SSSDConfig.py:165
+#: src/config/SSSDConfig.py:173
msgid "UUID attribute"
msgstr "UUID-Attribut"
-#: src/config/SSSDConfig.py:166
+#: src/config/SSSDConfig.py:174
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig.py:167
+#: src/config/SSSDConfig.py:175
msgid "Full Name"
msgstr "Vollständiger Name"
-#: src/config/SSSDConfig.py:168
+#: src/config/SSSDConfig.py:176
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig.py:169
+#: src/config/SSSDConfig.py:177
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig.py:171
+#: src/config/SSSDConfig.py:179
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig.py:172
+#: src/config/SSSDConfig.py:180
#, fuzzy
msgid "shadowMin attribute"
msgstr "Benutzername-Attribut"
-#: src/config/SSSDConfig.py:173
+#: src/config/SSSDConfig.py:181
#, fuzzy
msgid "shadowMax attribute"
msgstr "Benutzername-Attribut"
-#: src/config/SSSDConfig.py:174
+#: src/config/SSSDConfig.py:182
#, fuzzy
msgid "shadowWarning attribute"
msgstr "Benutzername-Attribut"
-#: src/config/SSSDConfig.py:175
+#: src/config/SSSDConfig.py:183
#, fuzzy
msgid "shadowInactive attribute"
msgstr "Benutzername-Attribut"
-#: src/config/SSSDConfig.py:176
+#: src/config/SSSDConfig.py:184
#, fuzzy
msgid "shadowExpire attribute"
msgstr "Benutzername-Attribut"
-#: src/config/SSSDConfig.py:177
+#: src/config/SSSDConfig.py:185
#, fuzzy
msgid "shadowFlag attribute"
msgstr "Shell-Attribut"
-#: src/config/SSSDConfig.py:178
+#: src/config/SSSDConfig.py:186
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig.py:179
+#: src/config/SSSDConfig.py:187
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig.py:180
+#: src/config/SSSDConfig.py:188
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig.py:181
+#: src/config/SSSDConfig.py:189
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig.py:182
+#: src/config/SSSDConfig.py:190
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig.py:183
+#: src/config/SSSDConfig.py:191
#, fuzzy
msgid "accountExpires attribute of AD"
msgstr "Benutzername-Attribut"
-#: src/config/SSSDConfig.py:184
+#: src/config/SSSDConfig.py:192
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig.py:185
+#: src/config/SSSDConfig.py:193
#, fuzzy
msgid "nsAccountLock attribute"
msgstr "Benutzername-Attribut"
-#: src/config/SSSDConfig.py:187
+#: src/config/SSSDConfig.py:194
+#, fuzzy
+msgid "loginDisabled attribute of NDS"
+msgstr "Benutzername-Attribut"
+
+#: src/config/SSSDConfig.py:195
+#, fuzzy
+msgid "loginExpirationTime attribute of NDS"
+msgstr "Benutzername-Attribut"
+
+#: src/config/SSSDConfig.py:196
+msgid "loginAllowedTimeMap attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig.py:198
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig.py:190
+#: src/config/SSSDConfig.py:201
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig.py:191
+#: src/config/SSSDConfig.py:202
#, fuzzy
msgid "Group name"
msgstr "Gruppen"
-#: src/config/SSSDConfig.py:192
+#: src/config/SSSDConfig.py:203
#, fuzzy
msgid "Group password"
msgstr "Gruppen"
-#: src/config/SSSDConfig.py:193
+#: src/config/SSSDConfig.py:204
#, fuzzy
msgid "GID attribute"
msgstr "UID-Attribut"
-#: src/config/SSSDConfig.py:194
+#: src/config/SSSDConfig.py:205
#, fuzzy
msgid "Group member attribute"
msgstr "Benutzername-Attribut"
-#: src/config/SSSDConfig.py:195
+#: src/config/SSSDConfig.py:206
#, fuzzy
msgid "Group UUID attribute"
msgstr "UUID-Attribut"
-#: src/config/SSSDConfig.py:196
+#: src/config/SSSDConfig.py:207
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig.py:198
+#: src/config/SSSDConfig.py:209
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig.py:200
+#: src/config/SSSDConfig.py:211
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig.py:201
+#: src/config/SSSDConfig.py:212
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig.py:202
+#: src/config/SSSDConfig.py:213
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig.py:203
+#: src/config/SSSDConfig.py:214
#, fuzzy
msgid "Netgroups members attribute"
msgstr "Benutzername-Attribut"
-#: src/config/SSSDConfig.py:204
+#: src/config/SSSDConfig.py:215
#, fuzzy
msgid "Netgroup triple attribute"
msgstr "Benutzername-Attribut"
-#: src/config/SSSDConfig.py:205
+#: src/config/SSSDConfig.py:216
#, fuzzy
msgid "Netgroup UUID attribute"
msgstr "UUID-Attribut"
-#: src/config/SSSDConfig.py:206
+#: src/config/SSSDConfig.py:217
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig.py:209
+#: src/config/SSSDConfig.py:220
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig.py:212
+#: src/config/SSSDConfig.py:223
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig.py:213
+#: src/config/SSSDConfig.py:224
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig.py:214
+#: src/config/SSSDConfig.py:225
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig.py:217
+#: src/config/SSSDConfig.py:228
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig.py:218
+#: src/config/SSSDConfig.py:229
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig.py:221
+#: src/config/SSSDConfig.py:232
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig.py:222
+#: src/config/SSSDConfig.py:233
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig.py:225
+#: src/config/SSSDConfig.py:236
msgid "Default shell, /bin/bash"
msgstr ""
-#: src/config/SSSDConfig.py:226
+#: src/config/SSSDConfig.py:237
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig.py:229
+#: src/config/SSSDConfig.py:240
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig.py:232
+#: src/config/SSSDConfig.py:243
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2245
+#: src/monitor/monitor.c:2316
msgid "Become a daemon (default)"
msgstr ""
-#: src/monitor/monitor.c:2247
+#: src/monitor/monitor.c:2318
msgid "Run interactive (not a daemon)"
msgstr ""
-#: src/monitor/monitor.c:2249
+#: src/monitor/monitor.c:2320
msgid "Specify a non-default config file"
msgstr ""
#: src/providers/krb5/krb5_child.c:1554 src/providers/ldap/ldap_child.c:360
-#: src/util/util.h:65
+#: src/util/util.h:67
msgid "Debug level"
msgstr ""
#: src/providers/krb5/krb5_child.c:1556 src/providers/ldap/ldap_child.c:362
-#: src/util/util.h:69
+#: src/util/util.h:71
msgid "Add debug timestamps"
msgstr ""
@@ -661,93 +711,93 @@ msgstr ""
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:1226
+#: src/providers/data_provider_be.c:1196
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:820
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:825
+#: src/sss_client/common.c:823
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:826
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:831
+#: src/sss_client/common.c:829
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:836
+#: src/sss_client/common.c:834
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:842
+#: src/sss_client/common.c:840
msgid "Unexpected error while looking for an error description"
msgstr ""
-#: src/sss_client/pam_sss.c:378
+#: src/sss_client/pam_sss.c:374
msgid "Passwords do not match"
msgstr ""
-#: src/sss_client/pam_sss.c:571
+#: src/sss_client/pam_sss.c:567
msgid "Password reset by root is not supported."
msgstr ""
-#: src/sss_client/pam_sss.c:612
+#: src/sss_client/pam_sss.c:608
msgid "Authenticated with cached credentials"
msgstr ""
-#: src/sss_client/pam_sss.c:613
+#: src/sss_client/pam_sss.c:609
msgid ", your cached password will expire at: "
msgstr ""
-#: src/sss_client/pam_sss.c:643
+#: src/sss_client/pam_sss.c:639
#, c-format
msgid "Your password has expired. You have %d grace login(s) remaining."
msgstr ""
-#: src/sss_client/pam_sss.c:689
+#: src/sss_client/pam_sss.c:685
#, c-format
msgid "Your password will expire in %d %s."
msgstr ""
-#: src/sss_client/pam_sss.c:738
+#: src/sss_client/pam_sss.c:734
msgid "Authentication is denied until: "
msgstr ""
-#: src/sss_client/pam_sss.c:765
+#: src/sss_client/pam_sss.c:761
msgid "System is offline, password change not possible"
msgstr ""
-#: src/sss_client/pam_sss.c:795 src/sss_client/pam_sss.c:808
+#: src/sss_client/pam_sss.c:791 src/sss_client/pam_sss.c:804
msgid "Password change failed. "
msgstr ""
-#: src/sss_client/pam_sss.c:798 src/sss_client/pam_sss.c:809
+#: src/sss_client/pam_sss.c:794 src/sss_client/pam_sss.c:805
msgid "Server message: "
msgstr ""
-#: src/sss_client/pam_sss.c:1212
+#: src/sss_client/pam_sss.c:1208
msgid "New Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1213
+#: src/sss_client/pam_sss.c:1209
msgid "Reenter new Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1295
+#: src/sss_client/pam_sss.c:1291
msgid "Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1327
+#: src/sss_client/pam_sss.c:1323
msgid "Current Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1473
+#: src/sss_client/pam_sss.c:1469
msgid "Password expired. Change your password now."
msgstr ""
@@ -1145,6 +1195,6 @@ msgstr ""
msgid "%s must be run as root\n"
msgstr ""
-#: src/util/util.h:67
+#: src/util/util.h:69
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/es.po b/po/es.po
index ef33ac209..3eb28e57a 100644
--- a/po/es.po
+++ b/po/es.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sss_daemon 0.4.0\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-04-27 11:41-0400\n"
+"POT-Creation-Date: 2011-08-02 15:55-0400\n"
"PO-Revision-Date: 2010-07-20 09:18-0300\n"
"Last-Translator: Héctor Daniel Cabrera <logan@fedoraproject.org>\n"
"Language-Team: Fedora Spanish <trans-es@lists.fedoraproject.org>\n"
@@ -97,17 +97,36 @@ msgstr "Deben aparecer los usuarios filtrados en los grupos"
msgid "The value of the password field the NSS provider should return"
msgstr "El valor del campo contraseña que el proveedor NSS debe devolver"
+#: src/config/SSSDConfig.py:61
+msgid "Override homedir value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:62
+msgid "The list of shells users are allowed to log in with"
+msgstr ""
+
#: src/config/SSSDConfig.py:63
+msgid ""
+"The list of shells that will be vetoed, and replaced with the fallback shell"
+msgstr ""
+
+#: src/config/SSSDConfig.py:64
+msgid ""
+"If a shell stored in central directory is allowed but not available, use "
+"this fallback"
+msgstr ""
+
+#: src/config/SSSDConfig.py:67
msgid "How long to allow cached logins between online logins (days)"
msgstr ""
"Por cuánto tiempo permitir ingresos cacheados entre ingresos en línea (días)"
-#: src/config/SSSDConfig.py:64
+#: src/config/SSSDConfig.py:68
msgid "How many failed logins attempts are allowed when offline"
msgstr ""
"Cuantos intentos de ingreso fallidos se permiten cuando está desconectado"
-#: src/config/SSSDConfig.py:65
+#: src/config/SSSDConfig.py:69
msgid ""
"How long (minutes) to deny login after offline_failed_login_attempts has "
"been reached"
@@ -115,580 +134,611 @@ msgstr ""
"Cuántos minutos se denegará el ingreso después de que se alcance el máximo "
"de ingresos fallidos offline_failed_login_attempts"
-#: src/config/SSSDConfig.py:66
+#: src/config/SSSDConfig.py:70
msgid "What kind of messages are displayed to the user during authentication"
msgstr ""
-#: src/config/SSSDConfig.py:67
+#: src/config/SSSDConfig.py:71
msgid "How many seconds to keep identity information cached for PAM requests"
msgstr ""
-#: src/config/SSSDConfig.py:68
+#: src/config/SSSDConfig.py:72
msgid "How many days before password expiration a warning should be displayed"
msgstr ""
-#: src/config/SSSDConfig.py:71
+#: src/config/SSSDConfig.py:75
msgid "Identity provider"
msgstr "Proveedor de identidad"
-#: src/config/SSSDConfig.py:72
+#: src/config/SSSDConfig.py:76
msgid "Authentication provider"
msgstr "Proveedor de Autenticación"
-#: src/config/SSSDConfig.py:73
+#: src/config/SSSDConfig.py:77
msgid "Access control provider"
msgstr "Proveedor de control de acceso"
-#: src/config/SSSDConfig.py:74
+#: src/config/SSSDConfig.py:78
msgid "Password change provider"
msgstr "Proveedor de cambio de contraseña"
-#: src/config/SSSDConfig.py:77
+#: src/config/SSSDConfig.py:81
msgid "Minimum user ID"
msgstr "ID mínimo de usuario"
-#: src/config/SSSDConfig.py:78
+#: src/config/SSSDConfig.py:82
msgid "Maximum user ID"
msgstr "ID máximo de usuario"
-#: src/config/SSSDConfig.py:79
+#: src/config/SSSDConfig.py:83
msgid "Enable enumerating all users/groups"
msgstr "Habilitar la enumeración de todos los usuarios/grupos"
-#: src/config/SSSDConfig.py:80
+#: src/config/SSSDConfig.py:84
msgid "Cache credentials for offline login"
msgstr "Hacer caché de las credenciales para ingresos fuera de línea"
-#: src/config/SSSDConfig.py:81
+#: src/config/SSSDConfig.py:85
msgid "Store password hashes"
msgstr "Guardar los hashes de la contraseña"
-#: src/config/SSSDConfig.py:82
+#: src/config/SSSDConfig.py:86
msgid "Display users/groups in fully-qualified form"
msgstr "Mostrar los usuarios/grupos en un formato completamente calificado"
-#: src/config/SSSDConfig.py:83
+#: src/config/SSSDConfig.py:87
msgid "Entry cache timeout length (seconds)"
msgstr "Tiempo máximo de una entrada del caché (segundos)"
-#: src/config/SSSDConfig.py:84
+#: src/config/SSSDConfig.py:88
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
"Restringir o preferir una familia de direcciones específica, cuando se "
"realicen búsquedas DNS"
-#: src/config/SSSDConfig.py:85
+#: src/config/SSSDConfig.py:89
msgid "How long to keep cached entries after last successful login (days)"
msgstr "Por cuánto tiempo permitir ingresos cacheados luego del último (días)"
-#: src/config/SSSDConfig.py:86
+#: src/config/SSSDConfig.py:90
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
"Cantidad de tiempo (en segundos) a esperar respuestas desde DNS cuando se "
"estén resolviendo servidores"
-#: src/config/SSSDConfig.py:87
+#: src/config/SSSDConfig.py:91
msgid "The domain part of service discovery DNS query"
msgstr "La sección del dominio de la consulta para descubrir servicios DNS"
-#: src/config/SSSDConfig.py:90
+#: src/config/SSSDConfig.py:92
+msgid "Override GID value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:95
msgid "IPA domain"
msgstr "Dominio IPA"
-#: src/config/SSSDConfig.py:91
+#: src/config/SSSDConfig.py:96
msgid "IPA server address"
msgstr "Dirección del servidor IPA"
-#: src/config/SSSDConfig.py:92
+#: src/config/SSSDConfig.py:97
msgid "IPA client hostname"
msgstr "Nombre de equipo del cliente IPA"
-#: src/config/SSSDConfig.py:93
+#: src/config/SSSDConfig.py:98
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
"Si actualizar o no en forma automática la entrada DNS del cliente en FreeIPA"
-#: src/config/SSSDConfig.py:94
+#: src/config/SSSDConfig.py:99
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
"La interfaz cuya IP debería ser utilizada para actualizaciones DNS "
"automáticas"
-#: src/config/SSSDConfig.py:95
+#: src/config/SSSDConfig.py:100
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig.py:98 src/config/SSSDConfig.py:99
+#: src/config/SSSDConfig.py:101
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig.py:102
+msgid "If DENY rules are present, either DENY_ALL or IGNORE"
+msgstr ""
+
+#: src/config/SSSDConfig.py:105 src/config/SSSDConfig.py:106
msgid "Kerberos server address"
msgstr "Dirección del servidor Kerberos"
-#: src/config/SSSDConfig.py:100
+#: src/config/SSSDConfig.py:107
msgid "Kerberos realm"
msgstr "Reinado Kerberos"
-#: src/config/SSSDConfig.py:101
+#: src/config/SSSDConfig.py:108
msgid "Authentication timeout"
msgstr "Expiración de la autenticación"
-#: src/config/SSSDConfig.py:104
+#: src/config/SSSDConfig.py:111
msgid "Directory to store credential caches"
msgstr "Directorio donde almacenar las credenciales cacheadas"
-#: src/config/SSSDConfig.py:105
+#: src/config/SSSDConfig.py:112
msgid "Location of the user's credential cache"
msgstr "Ubicación del caché de credenciales del usuario"
-#: src/config/SSSDConfig.py:106
+#: src/config/SSSDConfig.py:113
msgid "Location of the keytab to validate credentials"
msgstr "Ubicación de la tabla de claves para validar las credenciales"
-#: src/config/SSSDConfig.py:107
+#: src/config/SSSDConfig.py:114
msgid "Enable credential validation"
msgstr "Habilitar la validación de credenciales"
-#: src/config/SSSDConfig.py:108
+#: src/config/SSSDConfig.py:115
msgid "Store password if offline for later online authentication"
msgstr ""
"Si se encuentra desconectado, almacena contraseñas para más tarde realizar "
"una autenticación en línea"
-#: src/config/SSSDConfig.py:109
+#: src/config/SSSDConfig.py:116
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig.py:110
+#: src/config/SSSDConfig.py:117
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig.py:111
+#: src/config/SSSDConfig.py:118
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig.py:112
+#: src/config/SSSDConfig.py:119
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig.py:115
+#: src/config/SSSDConfig.py:122
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"El servidor en donde está ejecutándose el servicio de modificación de "
"contraseña, en caso de no ser KDC. "
-#: src/config/SSSDConfig.py:118
+#: src/config/SSSDConfig.py:125
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, El URI del servidor LDAP"
-#: src/config/SSSDConfig.py:119
+#: src/config/SSSDConfig.py:126
msgid "The default base DN"
msgstr "DN base predeterminado"
-#: src/config/SSSDConfig.py:120
+#: src/config/SSSDConfig.py:127
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "El Tipo de Esquema a usar en el servidor LDAP, rfc2307"
-#: src/config/SSSDConfig.py:121
+#: src/config/SSSDConfig.py:128
msgid "The default bind DN"
msgstr "El DN Bind predeterminado"
-#: src/config/SSSDConfig.py:122
+#: src/config/SSSDConfig.py:129
msgid "The type of the authentication token of the default bind DN"
msgstr "El tipo del token de autenticación del DN bind predeterminado"
-#: src/config/SSSDConfig.py:123
+#: src/config/SSSDConfig.py:130
msgid "The authentication token of the default bind DN"
msgstr "El token de autenticación del DN bind predeterminado"
-#: src/config/SSSDConfig.py:124
+#: src/config/SSSDConfig.py:131
msgid "Length of time to attempt connection"
msgstr "Tiempo durante el que se intentará la conexión"
-#: src/config/SSSDConfig.py:125
+#: src/config/SSSDConfig.py:132
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Tiempo durante el que se intentará operaciones LDAP sincrónicas"
-#: src/config/SSSDConfig.py:126
+#: src/config/SSSDConfig.py:133
msgid "Length of time between attempts to reconnect while offline"
msgstr "Tiempo entre intentos de reconexión cuando esté fuera de línea"
-#: src/config/SSSDConfig.py:127
+#: src/config/SSSDConfig.py:134
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig.py:128
+#: src/config/SSSDConfig.py:135
msgid "File that contains CA certificates"
msgstr "Archivo que contiene los certificados CA"
-#: src/config/SSSDConfig.py:129
+#: src/config/SSSDConfig.py:136
msgid "Path to CA certificate directory"
msgstr "Ruta hacia un directorio certificado CA"
-#: src/config/SSSDConfig.py:130
+#: src/config/SSSDConfig.py:137
#, fuzzy
msgid "File that contains the client certificate"
msgstr "Archivo que contiene los certificados CA"
-#: src/config/SSSDConfig.py:131
+#: src/config/SSSDConfig.py:138
#, fuzzy
msgid "File that contains the client key"
msgstr "Archivo que contiene los certificados CA"
-#: src/config/SSSDConfig.py:132
+#: src/config/SSSDConfig.py:139
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig.py:133
+#: src/config/SSSDConfig.py:140
msgid "Require TLS certificate verification"
msgstr "Requiere la verificación de certificado TLS"
-#: src/config/SSSDConfig.py:134
+#: src/config/SSSDConfig.py:141
msgid "Specify the sasl mechanism to use"
msgstr "Especificar el mecanismo sasl a usar"
-#: src/config/SSSDConfig.py:135
+#: src/config/SSSDConfig.py:142
msgid "Specify the sasl authorization id to use"
msgstr "Especifique el id de autorización sasl a usar"
-#: src/config/SSSDConfig.py:136
+#: src/config/SSSDConfig.py:143
#, fuzzy
msgid "Specify the sasl authorization realm to use"
msgstr "Especifique el id de autorización sasl a usar"
-#: src/config/SSSDConfig.py:137
+#: src/config/SSSDConfig.py:144
msgid "Kerberos service keytab"
msgstr "Tabla de clave del servicio Kerberos"
-#: src/config/SSSDConfig.py:138
+#: src/config/SSSDConfig.py:145
msgid "Use Kerberos auth for LDAP connection"
msgstr "Usar auth Kerberos para la conexión LDAP"
-#: src/config/SSSDConfig.py:139
+#: src/config/SSSDConfig.py:146
msgid "Follow LDAP referrals"
msgstr "Seguir referencias LDAP"
-#: src/config/SSSDConfig.py:140
+#: src/config/SSSDConfig.py:147
msgid "Lifetime of TGT for LDAP connection"
msgstr "Período de vida del TGT para la conexión LDAP"
-#: src/config/SSSDConfig.py:141
+#: src/config/SSSDConfig.py:148
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig.py:142
+#: src/config/SSSDConfig.py:149
#, fuzzy
msgid "Service name for DNS service lookups"
msgstr "Filtro para las búsquedas del usuario"
-#: src/config/SSSDConfig.py:143
+#: src/config/SSSDConfig.py:150
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig.py:145
+#: src/config/SSSDConfig.py:151
+msgid "The number of members that must be missing to trigger a full deref"
+msgstr ""
+
+#: src/config/SSSDConfig.py:153
#, fuzzy
msgid "entryUSN attribute"
msgstr "Atributo UID"
-#: src/config/SSSDConfig.py:146
+#: src/config/SSSDConfig.py:154
#, fuzzy
msgid "lastUSN attribute"
msgstr "Atributo UID"
-#: src/config/SSSDConfig.py:149
+#: src/config/SSSDConfig.py:157
msgid "Length of time to wait for a search request"
msgstr "Tiempo máximo a esperar un pedido de búsqueda"
-#: src/config/SSSDConfig.py:150
+#: src/config/SSSDConfig.py:158
#, fuzzy
msgid "Length of time to wait for a enumeration request"
msgstr "Tiempo máximo a esperar un pedido de búsqueda"
-#: src/config/SSSDConfig.py:151
+#: src/config/SSSDConfig.py:159
msgid "Length of time between enumeration updates"
msgstr "Tiempo en segundos entre las actualizaciones de enumeración"
-#: src/config/SSSDConfig.py:152
+#: src/config/SSSDConfig.py:160
#, fuzzy
msgid "Length of time between cache cleanups"
msgstr "Tiempo en segundos entre las actualizaciones de enumeración"
-#: src/config/SSSDConfig.py:153
+#: src/config/SSSDConfig.py:161
msgid "Require TLS for ID lookups"
msgstr "Requiere TLS para búsquedas de ID"
-#: src/config/SSSDConfig.py:154
+#: src/config/SSSDConfig.py:162
msgid "Base DN for user lookups"
msgstr "DN base para búsquedas de usuario"
-#: src/config/SSSDConfig.py:155
+#: src/config/SSSDConfig.py:163
msgid "Scope of user lookups"
msgstr "Ambito de las búsquedas del usuario"
-#: src/config/SSSDConfig.py:156
+#: src/config/SSSDConfig.py:164
msgid "Filter for user lookups"
msgstr "Filtro para las búsquedas del usuario"
-#: src/config/SSSDConfig.py:157
+#: src/config/SSSDConfig.py:165
msgid "Objectclass for users"
msgstr "Objectclass para los usuarios"
-#: src/config/SSSDConfig.py:158
+#: src/config/SSSDConfig.py:166
msgid "Username attribute"
msgstr "Atributo Username"
-#: src/config/SSSDConfig.py:160
+#: src/config/SSSDConfig.py:168
msgid "UID attribute"
msgstr "Atributo UID"
-#: src/config/SSSDConfig.py:161
+#: src/config/SSSDConfig.py:169
msgid "Primary GID attribute"
msgstr "Atributo GID primario"
-#: src/config/SSSDConfig.py:162
+#: src/config/SSSDConfig.py:170
msgid "GECOS attribute"
msgstr "Atributo GECOS"
-#: src/config/SSSDConfig.py:163
+#: src/config/SSSDConfig.py:171
msgid "Home directory attribute"
msgstr "Atributo Directorio de inicio"
-#: src/config/SSSDConfig.py:164
+#: src/config/SSSDConfig.py:172
msgid "Shell attribute"
msgstr "Atributo shell"
-#: src/config/SSSDConfig.py:165
+#: src/config/SSSDConfig.py:173
msgid "UUID attribute"
msgstr "Atributo UUID"
-#: src/config/SSSDConfig.py:166
+#: src/config/SSSDConfig.py:174
msgid "User principal attribute (for Kerberos)"
msgstr "Atributo principal del usuario (para Kerberos) "
-#: src/config/SSSDConfig.py:167
+#: src/config/SSSDConfig.py:175
msgid "Full Name"
msgstr "Nombre completo"
-#: src/config/SSSDConfig.py:168
+#: src/config/SSSDConfig.py:176
msgid "memberOf attribute"
msgstr "Atributo memberOf"
-#: src/config/SSSDConfig.py:169
+#: src/config/SSSDConfig.py:177
msgid "Modification time attribute"
msgstr "Atributo hora de modificación"
-#: src/config/SSSDConfig.py:171
+#: src/config/SSSDConfig.py:179
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig.py:172
+#: src/config/SSSDConfig.py:180
#, fuzzy
msgid "shadowMin attribute"
msgstr "Atributo Username"
-#: src/config/SSSDConfig.py:173
+#: src/config/SSSDConfig.py:181
#, fuzzy
msgid "shadowMax attribute"
msgstr "Atributo Username"
-#: src/config/SSSDConfig.py:174
+#: src/config/SSSDConfig.py:182
#, fuzzy
msgid "shadowWarning attribute"
msgstr "Atributo Username"
-#: src/config/SSSDConfig.py:175
+#: src/config/SSSDConfig.py:183
#, fuzzy
msgid "shadowInactive attribute"
msgstr "Atributo Username"
-#: src/config/SSSDConfig.py:176
+#: src/config/SSSDConfig.py:184
#, fuzzy
msgid "shadowExpire attribute"
msgstr "Atributo Username"
-#: src/config/SSSDConfig.py:177
+#: src/config/SSSDConfig.py:185
#, fuzzy
msgid "shadowFlag attribute"
msgstr "Atributo shell"
-#: src/config/SSSDConfig.py:178
+#: src/config/SSSDConfig.py:186
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig.py:179
+#: src/config/SSSDConfig.py:187
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig.py:180
+#: src/config/SSSDConfig.py:188
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig.py:181
+#: src/config/SSSDConfig.py:189
#, fuzzy
msgid "krbPasswordExpiration attribute"
msgstr "Atributo hora de modificación"
-#: src/config/SSSDConfig.py:182
+#: src/config/SSSDConfig.py:190
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig.py:183
+#: src/config/SSSDConfig.py:191
#, fuzzy
msgid "accountExpires attribute of AD"
msgstr "Atributo Username"
-#: src/config/SSSDConfig.py:184
+#: src/config/SSSDConfig.py:192
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig.py:185
+#: src/config/SSSDConfig.py:193
#, fuzzy
msgid "nsAccountLock attribute"
msgstr "Atributo Username"
-#: src/config/SSSDConfig.py:187
+#: src/config/SSSDConfig.py:194
+#, fuzzy
+msgid "loginDisabled attribute of NDS"
+msgstr "Atributo Username"
+
+#: src/config/SSSDConfig.py:195
+#, fuzzy
+msgid "loginExpirationTime attribute of NDS"
+msgstr "Atributo Username"
+
+#: src/config/SSSDConfig.py:196
+msgid "loginAllowedTimeMap attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig.py:198
#, fuzzy
msgid "Base DN for group lookups"
msgstr "DN base para búsquedas de usuario"
-#: src/config/SSSDConfig.py:190
+#: src/config/SSSDConfig.py:201
#, fuzzy
msgid "Objectclass for groups"
msgstr "Objectclass para los usuarios"
-#: src/config/SSSDConfig.py:191
+#: src/config/SSSDConfig.py:202
#, fuzzy
msgid "Group name"
msgstr "Grupos"
-#: src/config/SSSDConfig.py:192
+#: src/config/SSSDConfig.py:203
#, fuzzy
msgid "Group password"
msgstr "Grupos"
-#: src/config/SSSDConfig.py:193
+#: src/config/SSSDConfig.py:204
#, fuzzy
msgid "GID attribute"
msgstr "Atributo UID"
-#: src/config/SSSDConfig.py:194
+#: src/config/SSSDConfig.py:205
#, fuzzy
msgid "Group member attribute"
msgstr "Atributo memberOf"
-#: src/config/SSSDConfig.py:195
+#: src/config/SSSDConfig.py:206
#, fuzzy
msgid "Group UUID attribute"
msgstr "Atributo UUID"
-#: src/config/SSSDConfig.py:196
+#: src/config/SSSDConfig.py:207
#, fuzzy
msgid "Modification time attribute for groups"
msgstr "Atributo hora de modificación"
-#: src/config/SSSDConfig.py:198
+#: src/config/SSSDConfig.py:209
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig.py:200
+#: src/config/SSSDConfig.py:211
#, fuzzy
msgid "Base DN for netgroup lookups"
msgstr "DN base para búsquedas de usuario"
-#: src/config/SSSDConfig.py:201
+#: src/config/SSSDConfig.py:212
#, fuzzy
msgid "Objectclass for netgroups"
msgstr "Objectclass para los usuarios"
-#: src/config/SSSDConfig.py:202
+#: src/config/SSSDConfig.py:213
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig.py:203
+#: src/config/SSSDConfig.py:214
#, fuzzy
msgid "Netgroups members attribute"
msgstr "Atributo memberOf"
-#: src/config/SSSDConfig.py:204
+#: src/config/SSSDConfig.py:215
#, fuzzy
msgid "Netgroup triple attribute"
msgstr "Atributo hora de modificación"
-#: src/config/SSSDConfig.py:205
+#: src/config/SSSDConfig.py:216
#, fuzzy
msgid "Netgroup UUID attribute"
msgstr "Atributo UUID"
-#: src/config/SSSDConfig.py:206
+#: src/config/SSSDConfig.py:217
#, fuzzy
msgid "Modification time attribute for netgroups"
msgstr "Atributo hora de modificación"
-#: src/config/SSSDConfig.py:209
+#: src/config/SSSDConfig.py:220
msgid "Policy to evaluate the password expiration"
msgstr "Política para evaluar el vencimiento de la contraseña"
-#: src/config/SSSDConfig.py:212
+#: src/config/SSSDConfig.py:223
msgid "LDAP filter to determine access privileges"
msgstr "Filtro LDAP para determinar privilegios de acceso"
-#: src/config/SSSDConfig.py:213
+#: src/config/SSSDConfig.py:224
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig.py:214
+#: src/config/SSSDConfig.py:225
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig.py:217
+#: src/config/SSSDConfig.py:228
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig.py:218
+#: src/config/SSSDConfig.py:229
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig.py:221
+#: src/config/SSSDConfig.py:232
msgid "Comma separated list of allowed users"
msgstr "Lista separada por comas de usuarios autorizados"
-#: src/config/SSSDConfig.py:222
+#: src/config/SSSDConfig.py:233
msgid "Comma separated list of prohibited users"
msgstr "Lista separada por comas de usuarios prohibidos"
-#: src/config/SSSDConfig.py:225
+#: src/config/SSSDConfig.py:236
msgid "Default shell, /bin/bash"
msgstr "Shell predeterminado, /bin/bash"
-#: src/config/SSSDConfig.py:226
+#: src/config/SSSDConfig.py:237
msgid "Base for home directories"
msgstr "Base de los directorios de inicio"
-#: src/config/SSSDConfig.py:229
+#: src/config/SSSDConfig.py:240
msgid "The name of the NSS library to use"
msgstr "Nombre de la biblioteca NSS a usar"
-#: src/config/SSSDConfig.py:232
+#: src/config/SSSDConfig.py:243
msgid "PAM stack to use"
msgstr "Pila PAM a usar"
-#: src/monitor/monitor.c:2245
+#: src/monitor/monitor.c:2316
msgid "Become a daemon (default)"
msgstr "Convertirse en demonio (predeterminado)"
-#: src/monitor/monitor.c:2247
+#: src/monitor/monitor.c:2318
msgid "Run interactive (not a daemon)"
msgstr "Ejecutarse en forma interactiva (no un demonio)"
-#: src/monitor/monitor.c:2249
+#: src/monitor/monitor.c:2320
msgid "Specify a non-default config file"
msgstr "Indicar un archivo de configuración diferente al predeterminado"
#: src/providers/krb5/krb5_child.c:1554 src/providers/ldap/ldap_child.c:360
-#: src/util/util.h:65
+#: src/util/util.h:67
msgid "Debug level"
msgstr "Nive de depuración"
#: src/providers/krb5/krb5_child.c:1556 src/providers/ldap/ldap_child.c:362
-#: src/util/util.h:69
+#: src/util/util.h:71
msgid "Add debug timestamps"
msgstr "Agregar marcas de tiempo de depuración"
@@ -696,94 +746,94 @@ msgstr "Agregar marcas de tiempo de depuración"
msgid "An open file descriptor for the debug logs"
msgstr "Un arhivo abierto de descriptor para los registros de depuración"
-#: src/providers/data_provider_be.c:1226
+#: src/providers/data_provider_be.c:1196
msgid "Domain of the information provider (mandatory)"
msgstr "Dominio del proveedor de información (obligatorio)"
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:820
msgid "Privileged socket has wrong ownership or permissions."
msgstr "El zócalo privilegiado posee permisos o pertenencia equivocados."
-#: src/sss_client/common.c:825
+#: src/sss_client/common.c:823
msgid "Public socket has wrong ownership or permissions."
msgstr "El zócalo público posee permisos o pertenencia equivocados."
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:826
msgid "Unexpected format of the server credential message."
msgstr "Formato no esperado del mensaje de la credencial del servidor."
-#: src/sss_client/common.c:831
+#: src/sss_client/common.c:829
msgid "SSSD is not run by root."
msgstr "SSSD no está siendo ejecutado por el usuario root."
-#: src/sss_client/common.c:836
+#: src/sss_client/common.c:834
msgid "An error occurred, but no description can be found."
msgstr "Ha ocurrido un error, pero no se ha podido encontrar una descripción."
-#: src/sss_client/common.c:842
+#: src/sss_client/common.c:840
msgid "Unexpected error while looking for an error description"
msgstr ""
"Ha ocurrido un error no esperado mientras se buscaba la descripción del error"
-#: src/sss_client/pam_sss.c:378
+#: src/sss_client/pam_sss.c:374
msgid "Passwords do not match"
msgstr "Las contraseñas no coinciden"
-#: src/sss_client/pam_sss.c:571
+#: src/sss_client/pam_sss.c:567
msgid "Password reset by root is not supported."
msgstr "No existe soporte para reseteado de la contraseña por el usuario root."
-#: src/sss_client/pam_sss.c:612
+#: src/sss_client/pam_sss.c:608
msgid "Authenticated with cached credentials"
msgstr "Autenticado mediante credenciales cacheada"
-#: src/sss_client/pam_sss.c:613
+#: src/sss_client/pam_sss.c:609
msgid ", your cached password will expire at: "
msgstr ", su contraseña cacheada vencerá el:"
-#: src/sss_client/pam_sss.c:643
+#: src/sss_client/pam_sss.c:639
#, c-format
msgid "Your password has expired. You have %d grace login(s) remaining."
msgstr "Su contraseña ha expirado. Dispone de %d ingreso(s) excepcionales. "
-#: src/sss_client/pam_sss.c:689
+#: src/sss_client/pam_sss.c:685
#, c-format
msgid "Your password will expire in %d %s."
msgstr "Su contraseña expirará en %d %s."
-#: src/sss_client/pam_sss.c:738
+#: src/sss_client/pam_sss.c:734
msgid "Authentication is denied until: "
msgstr "La autenticación ha sido denegada hasta:"
-#: src/sss_client/pam_sss.c:765
+#: src/sss_client/pam_sss.c:761
msgid "System is offline, password change not possible"
msgstr "El sistema está fuera de línea, no se puede cambiar la contraseña"
-#: src/sss_client/pam_sss.c:795 src/sss_client/pam_sss.c:808
+#: src/sss_client/pam_sss.c:791 src/sss_client/pam_sss.c:804
msgid "Password change failed. "
msgstr "Falló el cambio de contraseña."
-#: src/sss_client/pam_sss.c:798 src/sss_client/pam_sss.c:809
+#: src/sss_client/pam_sss.c:794 src/sss_client/pam_sss.c:805
msgid "Server message: "
msgstr "Mensaje del servidor:"
-#: src/sss_client/pam_sss.c:1212
+#: src/sss_client/pam_sss.c:1208
msgid "New Password: "
msgstr "Nueva contraseña: "
-#: src/sss_client/pam_sss.c:1213
+#: src/sss_client/pam_sss.c:1209
msgid "Reenter new Password: "
msgstr "Reingrese la contraseña nueva:"
-#: src/sss_client/pam_sss.c:1295
+#: src/sss_client/pam_sss.c:1291
msgid "Password: "
msgstr "Contraseña: "
-#: src/sss_client/pam_sss.c:1327
+#: src/sss_client/pam_sss.c:1323
msgid "Current Password: "
msgstr "Contraseña actual: "
-#: src/sss_client/pam_sss.c:1473
+#: src/sss_client/pam_sss.c:1469
msgid "Password expired. Change your password now."
msgstr "La contraseña ha expirado. Modifíquela en este preciso momento."
@@ -1212,7 +1262,7 @@ msgstr "Falta memoria\n"
msgid "%s must be run as root\n"
msgstr "%s se debe ejecutar como root\n"
-#: src/util/util.h:67
+#: src/util/util.h:69
msgid "Send the debug output to files instead of stderr"
msgstr "Envia el resultado de la depuración hacia archivos en lugar de stderr"
diff --git a/po/fr.po b/po/fr.po
index cb1549e64..a39037369 100644
--- a/po/fr.po
+++ b/po/fr.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: fr\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-04-27 11:41-0400\n"
+"POT-Creation-Date: 2011-08-02 15:55-0400\n"
"PO-Revision-Date: 2009-11-17 21:05+0100\n"
"Last-Translator: Pablo Martin-Gomez <pablo.martin-gomez@laposte.net>\n"
"Language-Team: Français <fedora-trans-fr@redhat.com>\n"
@@ -88,553 +88,601 @@ msgstr ""
msgid "The value of the password field the NSS provider should return"
msgstr ""
+#: src/config/SSSDConfig.py:61
+msgid "Override homedir value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:62
+msgid "The list of shells users are allowed to log in with"
+msgstr ""
+
#: src/config/SSSDConfig.py:63
-msgid "How long to allow cached logins between online logins (days)"
+msgid ""
+"The list of shells that will be vetoed, and replaced with the fallback shell"
msgstr ""
#: src/config/SSSDConfig.py:64
+msgid ""
+"If a shell stored in central directory is allowed but not available, use "
+"this fallback"
+msgstr ""
+
+#: src/config/SSSDConfig.py:67
+msgid "How long to allow cached logins between online logins (days)"
+msgstr ""
+
+#: src/config/SSSDConfig.py:68
msgid "How many failed logins attempts are allowed when offline"
msgstr ""
-#: src/config/SSSDConfig.py:65
+#: src/config/SSSDConfig.py:69
msgid ""
"How long (minutes) to deny login after offline_failed_login_attempts has "
"been reached"
msgstr ""
-#: src/config/SSSDConfig.py:66
+#: src/config/SSSDConfig.py:70
msgid "What kind of messages are displayed to the user during authentication"
msgstr ""
-#: src/config/SSSDConfig.py:67
+#: src/config/SSSDConfig.py:71
msgid "How many seconds to keep identity information cached for PAM requests"
msgstr ""
-#: src/config/SSSDConfig.py:68
+#: src/config/SSSDConfig.py:72
msgid "How many days before password expiration a warning should be displayed"
msgstr ""
-#: src/config/SSSDConfig.py:71
+#: src/config/SSSDConfig.py:75
msgid "Identity provider"
msgstr ""
-#: src/config/SSSDConfig.py:72
+#: src/config/SSSDConfig.py:76
msgid "Authentication provider"
msgstr ""
-#: src/config/SSSDConfig.py:73
+#: src/config/SSSDConfig.py:77
msgid "Access control provider"
msgstr ""
-#: src/config/SSSDConfig.py:74
+#: src/config/SSSDConfig.py:78
#, fuzzy
msgid "Password change provider"
msgstr "Le mot de passe a expiré."
-#: src/config/SSSDConfig.py:77
+#: src/config/SSSDConfig.py:81
msgid "Minimum user ID"
msgstr ""
-#: src/config/SSSDConfig.py:78
+#: src/config/SSSDConfig.py:82
msgid "Maximum user ID"
msgstr ""
-#: src/config/SSSDConfig.py:79
+#: src/config/SSSDConfig.py:83
msgid "Enable enumerating all users/groups"
msgstr ""
-#: src/config/SSSDConfig.py:80
+#: src/config/SSSDConfig.py:84
msgid "Cache credentials for offline login"
msgstr ""
-#: src/config/SSSDConfig.py:81
+#: src/config/SSSDConfig.py:85
msgid "Store password hashes"
msgstr ""
-#: src/config/SSSDConfig.py:82
+#: src/config/SSSDConfig.py:86
msgid "Display users/groups in fully-qualified form"
msgstr ""
-#: src/config/SSSDConfig.py:83
+#: src/config/SSSDConfig.py:87
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig.py:84
+#: src/config/SSSDConfig.py:88
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig.py:85
+#: src/config/SSSDConfig.py:89
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig.py:86
+#: src/config/SSSDConfig.py:90
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig.py:87
+#: src/config/SSSDConfig.py:91
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig.py:90
+#: src/config/SSSDConfig.py:92
+msgid "Override GID value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:95
msgid "IPA domain"
msgstr ""
-#: src/config/SSSDConfig.py:91
+#: src/config/SSSDConfig.py:96
msgid "IPA server address"
msgstr ""
-#: src/config/SSSDConfig.py:92
+#: src/config/SSSDConfig.py:97
msgid "IPA client hostname"
msgstr ""
-#: src/config/SSSDConfig.py:93
+#: src/config/SSSDConfig.py:98
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig.py:94
+#: src/config/SSSDConfig.py:99
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig.py:95
+#: src/config/SSSDConfig.py:100
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig.py:98 src/config/SSSDConfig.py:99
+#: src/config/SSSDConfig.py:101
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig.py:102
+msgid "If DENY rules are present, either DENY_ALL or IGNORE"
+msgstr ""
+
+#: src/config/SSSDConfig.py:105 src/config/SSSDConfig.py:106
msgid "Kerberos server address"
msgstr ""
-#: src/config/SSSDConfig.py:100
+#: src/config/SSSDConfig.py:107
msgid "Kerberos realm"
msgstr ""
-#: src/config/SSSDConfig.py:101
+#: src/config/SSSDConfig.py:108
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig.py:104
+#: src/config/SSSDConfig.py:111
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig.py:105
+#: src/config/SSSDConfig.py:112
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig.py:106
+#: src/config/SSSDConfig.py:113
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig.py:107
+#: src/config/SSSDConfig.py:114
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig.py:108
+#: src/config/SSSDConfig.py:115
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig.py:109
+#: src/config/SSSDConfig.py:116
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig.py:110
+#: src/config/SSSDConfig.py:117
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig.py:111
+#: src/config/SSSDConfig.py:118
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig.py:112
+#: src/config/SSSDConfig.py:119
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig.py:115
+#: src/config/SSSDConfig.py:122
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig.py:118
+#: src/config/SSSDConfig.py:125
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig.py:119
+#: src/config/SSSDConfig.py:126
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig.py:120
+#: src/config/SSSDConfig.py:127
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig.py:121
+#: src/config/SSSDConfig.py:128
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig.py:122
+#: src/config/SSSDConfig.py:129
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig.py:123
+#: src/config/SSSDConfig.py:130
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig.py:124
+#: src/config/SSSDConfig.py:131
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig.py:125
+#: src/config/SSSDConfig.py:132
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig.py:126
+#: src/config/SSSDConfig.py:133
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig.py:127
+#: src/config/SSSDConfig.py:134
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig.py:128
+#: src/config/SSSDConfig.py:135
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig.py:129
+#: src/config/SSSDConfig.py:136
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig.py:130
+#: src/config/SSSDConfig.py:137
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig.py:131
+#: src/config/SSSDConfig.py:138
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig.py:132
+#: src/config/SSSDConfig.py:139
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig.py:133
+#: src/config/SSSDConfig.py:140
msgid "Require TLS certificate verification"
msgstr ""
-#: src/config/SSSDConfig.py:134
+#: src/config/SSSDConfig.py:141
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig.py:135
+#: src/config/SSSDConfig.py:142
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig.py:136
+#: src/config/SSSDConfig.py:143
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig.py:137
+#: src/config/SSSDConfig.py:144
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig.py:138
+#: src/config/SSSDConfig.py:145
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig.py:139
+#: src/config/SSSDConfig.py:146
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig.py:140
+#: src/config/SSSDConfig.py:147
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig.py:141
+#: src/config/SSSDConfig.py:148
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig.py:142
+#: src/config/SSSDConfig.py:149
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig.py:143
+#: src/config/SSSDConfig.py:150
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig.py:145
+#: src/config/SSSDConfig.py:151
+msgid "The number of members that must be missing to trigger a full deref"
+msgstr ""
+
+#: src/config/SSSDConfig.py:153
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig.py:146
+#: src/config/SSSDConfig.py:154
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig.py:149
+#: src/config/SSSDConfig.py:157
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig.py:150
+#: src/config/SSSDConfig.py:158
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig.py:151
+#: src/config/SSSDConfig.py:159
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig.py:152
+#: src/config/SSSDConfig.py:160
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig.py:153
+#: src/config/SSSDConfig.py:161
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig.py:154
+#: src/config/SSSDConfig.py:162
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig.py:155
+#: src/config/SSSDConfig.py:163
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig.py:156
+#: src/config/SSSDConfig.py:164
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig.py:157
+#: src/config/SSSDConfig.py:165
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig.py:158
+#: src/config/SSSDConfig.py:166
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig.py:160
+#: src/config/SSSDConfig.py:168
msgid "UID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:161
+#: src/config/SSSDConfig.py:169
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:162
+#: src/config/SSSDConfig.py:170
msgid "GECOS attribute"
msgstr ""
-#: src/config/SSSDConfig.py:163
+#: src/config/SSSDConfig.py:171
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig.py:164
+#: src/config/SSSDConfig.py:172
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig.py:165
+#: src/config/SSSDConfig.py:173
msgid "UUID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:166
+#: src/config/SSSDConfig.py:174
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig.py:167
+#: src/config/SSSDConfig.py:175
msgid "Full Name"
msgstr ""
-#: src/config/SSSDConfig.py:168
+#: src/config/SSSDConfig.py:176
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig.py:169
+#: src/config/SSSDConfig.py:177
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig.py:171
+#: src/config/SSSDConfig.py:179
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig.py:172
+#: src/config/SSSDConfig.py:180
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig.py:173
+#: src/config/SSSDConfig.py:181
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig.py:174
+#: src/config/SSSDConfig.py:182
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig.py:175
+#: src/config/SSSDConfig.py:183
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig.py:176
+#: src/config/SSSDConfig.py:184
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig.py:177
+#: src/config/SSSDConfig.py:185
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig.py:178
+#: src/config/SSSDConfig.py:186
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig.py:179
+#: src/config/SSSDConfig.py:187
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig.py:180
+#: src/config/SSSDConfig.py:188
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig.py:181
+#: src/config/SSSDConfig.py:189
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig.py:182
+#: src/config/SSSDConfig.py:190
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig.py:183
+#: src/config/SSSDConfig.py:191
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig.py:184
+#: src/config/SSSDConfig.py:192
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig.py:185
+#: src/config/SSSDConfig.py:193
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig.py:187
+#: src/config/SSSDConfig.py:194
+msgid "loginDisabled attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig.py:195
+msgid "loginExpirationTime attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig.py:196
+msgid "loginAllowedTimeMap attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig.py:198
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig.py:190
+#: src/config/SSSDConfig.py:201
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig.py:191
+#: src/config/SSSDConfig.py:202
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig.py:192
+#: src/config/SSSDConfig.py:203
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig.py:193
+#: src/config/SSSDConfig.py:204
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:194
+#: src/config/SSSDConfig.py:205
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig.py:195
+#: src/config/SSSDConfig.py:206
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:196
+#: src/config/SSSDConfig.py:207
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig.py:198
+#: src/config/SSSDConfig.py:209
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig.py:200
+#: src/config/SSSDConfig.py:211
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig.py:201
+#: src/config/SSSDConfig.py:212
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig.py:202
+#: src/config/SSSDConfig.py:213
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig.py:203
+#: src/config/SSSDConfig.py:214
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig.py:204
+#: src/config/SSSDConfig.py:215
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig.py:205
+#: src/config/SSSDConfig.py:216
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:206
+#: src/config/SSSDConfig.py:217
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig.py:209
+#: src/config/SSSDConfig.py:220
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig.py:212
+#: src/config/SSSDConfig.py:223
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig.py:213
+#: src/config/SSSDConfig.py:224
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig.py:214
+#: src/config/SSSDConfig.py:225
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig.py:217
+#: src/config/SSSDConfig.py:228
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig.py:218
+#: src/config/SSSDConfig.py:229
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig.py:221
+#: src/config/SSSDConfig.py:232
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig.py:222
+#: src/config/SSSDConfig.py:233
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig.py:225
+#: src/config/SSSDConfig.py:236
msgid "Default shell, /bin/bash"
msgstr ""
-#: src/config/SSSDConfig.py:226
+#: src/config/SSSDConfig.py:237
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig.py:229
+#: src/config/SSSDConfig.py:240
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig.py:232
+#: src/config/SSSDConfig.py:243
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2245
+#: src/monitor/monitor.c:2316
msgid "Become a daemon (default)"
msgstr ""
-#: src/monitor/monitor.c:2247
+#: src/monitor/monitor.c:2318
msgid "Run interactive (not a daemon)"
msgstr ""
-#: src/monitor/monitor.c:2249
+#: src/monitor/monitor.c:2320
msgid "Specify a non-default config file"
msgstr ""
#: src/providers/krb5/krb5_child.c:1554 src/providers/ldap/ldap_child.c:360
-#: src/util/util.h:65
+#: src/util/util.h:67
msgid "Debug level"
msgstr ""
#: src/providers/krb5/krb5_child.c:1556 src/providers/ldap/ldap_child.c:362
-#: src/util/util.h:69
+#: src/util/util.h:71
msgid "Add debug timestamps"
msgstr ""
@@ -642,95 +690,95 @@ msgstr ""
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:1226
+#: src/providers/data_provider_be.c:1196
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:820
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:825
+#: src/sss_client/common.c:823
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:826
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:831
+#: src/sss_client/common.c:829
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:836
+#: src/sss_client/common.c:834
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:842
+#: src/sss_client/common.c:840
msgid "Unexpected error while looking for an error description"
msgstr ""
-#: src/sss_client/pam_sss.c:378
+#: src/sss_client/pam_sss.c:374
msgid "Passwords do not match"
msgstr "Les mots de passe ne correspondent pas"
-#: src/sss_client/pam_sss.c:571
+#: src/sss_client/pam_sss.c:567
msgid "Password reset by root is not supported."
msgstr ""
-#: src/sss_client/pam_sss.c:612
+#: src/sss_client/pam_sss.c:608
msgid "Authenticated with cached credentials"
msgstr ""
-#: src/sss_client/pam_sss.c:613
+#: src/sss_client/pam_sss.c:609
msgid ", your cached password will expire at: "
msgstr ""
-#: src/sss_client/pam_sss.c:643
+#: src/sss_client/pam_sss.c:639
#, c-format
msgid "Your password has expired. You have %d grace login(s) remaining."
msgstr ""
-#: src/sss_client/pam_sss.c:689
+#: src/sss_client/pam_sss.c:685
#, fuzzy, c-format
msgid "Your password will expire in %d %s."
msgstr "Le mot de passe a expiré."
-#: src/sss_client/pam_sss.c:738
+#: src/sss_client/pam_sss.c:734
msgid "Authentication is denied until: "
msgstr ""
-#: src/sss_client/pam_sss.c:765
+#: src/sss_client/pam_sss.c:761
msgid "System is offline, password change not possible"
msgstr ""
-#: src/sss_client/pam_sss.c:795 src/sss_client/pam_sss.c:808
+#: src/sss_client/pam_sss.c:791 src/sss_client/pam_sss.c:804
#, fuzzy
msgid "Password change failed. "
msgstr "Le mot de passe a expiré."
-#: src/sss_client/pam_sss.c:798 src/sss_client/pam_sss.c:809
+#: src/sss_client/pam_sss.c:794 src/sss_client/pam_sss.c:805
msgid "Server message: "
msgstr ""
-#: src/sss_client/pam_sss.c:1212
+#: src/sss_client/pam_sss.c:1208
msgid "New Password: "
msgstr "Nouveau mot de passe : "
-#: src/sss_client/pam_sss.c:1213
+#: src/sss_client/pam_sss.c:1209
msgid "Reenter new Password: "
msgstr "Retaper le nouveau mot de passe : "
-#: src/sss_client/pam_sss.c:1295
+#: src/sss_client/pam_sss.c:1291
msgid "Password: "
msgstr "Mot de passe : "
-#: src/sss_client/pam_sss.c:1327
+#: src/sss_client/pam_sss.c:1323
#, fuzzy
msgid "Current Password: "
msgstr "Nouveau mot de passe : "
-#: src/sss_client/pam_sss.c:1473
+#: src/sss_client/pam_sss.c:1469
msgid "Password expired. Change your password now."
msgstr ""
@@ -1128,6 +1176,6 @@ msgstr ""
msgid "%s must be run as root\n"
msgstr ""
-#: src/util/util.h:67
+#: src/util/util.h:69
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/id.po b/po/id.po
index 6d6a6ed96..b7b259218 100644
--- a/po/id.po
+++ b/po/id.po
@@ -6,7 +6,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sssd\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-04-27 11:41-0400\n"
+"POT-Creation-Date: 2011-08-02 15:55-0400\n"
"PO-Revision-Date: 2010-03-09 10:34+0700\n"
"Last-Translator: Teguh DC <dheche@songolimo.net>\n"
"Language-Team: Fedora Indonesia <trans-id@lists.fedoraproject.org>\n"
@@ -89,586 +89,636 @@ msgstr "Haruskah pengguna yang disaring muncul dalam grup"
msgid "The value of the password field the NSS provider should return"
msgstr "Nilai kolom kata sandi yang harus dikembalikan oleh penyedia NSS"
+#: src/config/SSSDConfig.py:61
+msgid "Override homedir value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:62
+msgid "The list of shells users are allowed to log in with"
+msgstr ""
+
#: src/config/SSSDConfig.py:63
-msgid "How long to allow cached logins between online logins (days)"
+msgid ""
+"The list of shells that will be vetoed, and replaced with the fallback shell"
msgstr ""
#: src/config/SSSDConfig.py:64
+msgid ""
+"If a shell stored in central directory is allowed but not available, use "
+"this fallback"
+msgstr ""
+
+#: src/config/SSSDConfig.py:67
+msgid "How long to allow cached logins between online logins (days)"
+msgstr ""
+
+#: src/config/SSSDConfig.py:68
msgid "How many failed logins attempts are allowed when offline"
msgstr ""
-#: src/config/SSSDConfig.py:65
+#: src/config/SSSDConfig.py:69
msgid ""
"How long (minutes) to deny login after offline_failed_login_attempts has "
"been reached"
msgstr ""
-#: src/config/SSSDConfig.py:66
+#: src/config/SSSDConfig.py:70
msgid "What kind of messages are displayed to the user during authentication"
msgstr ""
-#: src/config/SSSDConfig.py:67
+#: src/config/SSSDConfig.py:71
msgid "How many seconds to keep identity information cached for PAM requests"
msgstr ""
-#: src/config/SSSDConfig.py:68
+#: src/config/SSSDConfig.py:72
msgid "How many days before password expiration a warning should be displayed"
msgstr ""
-#: src/config/SSSDConfig.py:71
+#: src/config/SSSDConfig.py:75
msgid "Identity provider"
msgstr "Penyedia identitas"
-#: src/config/SSSDConfig.py:72
+#: src/config/SSSDConfig.py:76
msgid "Authentication provider"
msgstr "Penyedia otentikasi"
-#: src/config/SSSDConfig.py:73
+#: src/config/SSSDConfig.py:77
msgid "Access control provider"
msgstr "Penyedia kontrol akses"
-#: src/config/SSSDConfig.py:74
+#: src/config/SSSDConfig.py:78
msgid "Password change provider"
msgstr "Penyedia pengubah kata sandi"
-#: src/config/SSSDConfig.py:77
+#: src/config/SSSDConfig.py:81
msgid "Minimum user ID"
msgstr "ID pengguna minimum"
-#: src/config/SSSDConfig.py:78
+#: src/config/SSSDConfig.py:82
msgid "Maximum user ID"
msgstr "ID pengguna maksimum"
-#: src/config/SSSDConfig.py:79
+#: src/config/SSSDConfig.py:83
msgid "Enable enumerating all users/groups"
msgstr ""
-#: src/config/SSSDConfig.py:80
+#: src/config/SSSDConfig.py:84
msgid "Cache credentials for offline login"
msgstr ""
-#: src/config/SSSDConfig.py:81
+#: src/config/SSSDConfig.py:85
msgid "Store password hashes"
msgstr ""
-#: src/config/SSSDConfig.py:82
+#: src/config/SSSDConfig.py:86
msgid "Display users/groups in fully-qualified form"
msgstr ""
-#: src/config/SSSDConfig.py:83
+#: src/config/SSSDConfig.py:87
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig.py:84
+#: src/config/SSSDConfig.py:88
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig.py:85
+#: src/config/SSSDConfig.py:89
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig.py:86
+#: src/config/SSSDConfig.py:90
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig.py:87
+#: src/config/SSSDConfig.py:91
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig.py:90
+#: src/config/SSSDConfig.py:92
+msgid "Override GID value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:95
msgid "IPA domain"
msgstr "Domain IPA"
-#: src/config/SSSDConfig.py:91
+#: src/config/SSSDConfig.py:96
msgid "IPA server address"
msgstr "Alamat server IPA"
-#: src/config/SSSDConfig.py:92
+#: src/config/SSSDConfig.py:97
msgid "IPA client hostname"
msgstr "Nama host klien IPA"
-#: src/config/SSSDConfig.py:93
+#: src/config/SSSDConfig.py:98
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig.py:94
+#: src/config/SSSDConfig.py:99
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig.py:95
+#: src/config/SSSDConfig.py:100
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig.py:98 src/config/SSSDConfig.py:99
+#: src/config/SSSDConfig.py:101
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig.py:102
+msgid "If DENY rules are present, either DENY_ALL or IGNORE"
+msgstr ""
+
+#: src/config/SSSDConfig.py:105 src/config/SSSDConfig.py:106
msgid "Kerberos server address"
msgstr "Alamat server Kerberos"
-#: src/config/SSSDConfig.py:100
+#: src/config/SSSDConfig.py:107
msgid "Kerberos realm"
msgstr "Realm Kerberos"
-#: src/config/SSSDConfig.py:101
+#: src/config/SSSDConfig.py:108
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig.py:104
+#: src/config/SSSDConfig.py:111
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig.py:105
+#: src/config/SSSDConfig.py:112
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig.py:106
+#: src/config/SSSDConfig.py:113
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig.py:107
+#: src/config/SSSDConfig.py:114
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig.py:108
+#: src/config/SSSDConfig.py:115
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig.py:109
+#: src/config/SSSDConfig.py:116
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig.py:110
+#: src/config/SSSDConfig.py:117
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig.py:111
+#: src/config/SSSDConfig.py:118
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig.py:112
+#: src/config/SSSDConfig.py:119
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig.py:115
+#: src/config/SSSDConfig.py:122
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig.py:118
+#: src/config/SSSDConfig.py:125
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, URI server LDAP"
-#: src/config/SSSDConfig.py:119
+#: src/config/SSSDConfig.py:126
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig.py:120
+#: src/config/SSSDConfig.py:127
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Jenis Skema yang digunakan pada server LDAP, rfc2307"
-#: src/config/SSSDConfig.py:121
+#: src/config/SSSDConfig.py:128
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig.py:122
+#: src/config/SSSDConfig.py:129
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig.py:123
+#: src/config/SSSDConfig.py:130
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig.py:124
+#: src/config/SSSDConfig.py:131
msgid "Length of time to attempt connection"
msgstr "Lamanya waktu untuk mencoba koneksi"
-#: src/config/SSSDConfig.py:125
+#: src/config/SSSDConfig.py:132
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Lamanya waktu untuk mencoba operasi LDAP yang sinkron"
-#: src/config/SSSDConfig.py:126
+#: src/config/SSSDConfig.py:133
msgid "Length of time between attempts to reconnect while offline"
msgstr "Lamanya waktu antara upaya untuk menyambung kembali saat luring"
-#: src/config/SSSDConfig.py:127
+#: src/config/SSSDConfig.py:134
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig.py:128
+#: src/config/SSSDConfig.py:135
#, fuzzy
msgid "File that contains CA certificates"
msgstr "berkas yang berisi sertifikat CA"
-#: src/config/SSSDConfig.py:129
+#: src/config/SSSDConfig.py:136
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig.py:130
+#: src/config/SSSDConfig.py:137
#, fuzzy
msgid "File that contains the client certificate"
msgstr "berkas yang berisi sertifikat CA"
-#: src/config/SSSDConfig.py:131
+#: src/config/SSSDConfig.py:138
#, fuzzy
msgid "File that contains the client key"
msgstr "berkas yang berisi sertifikat CA"
-#: src/config/SSSDConfig.py:132
+#: src/config/SSSDConfig.py:139
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig.py:133
+#: src/config/SSSDConfig.py:140
msgid "Require TLS certificate verification"
msgstr "Membutuhkan verifikasi sertifikat TLS"
-#: src/config/SSSDConfig.py:134
+#: src/config/SSSDConfig.py:141
msgid "Specify the sasl mechanism to use"
msgstr "Tentukan mekanisme sasl yang digunakan"
-#: src/config/SSSDConfig.py:135
+#: src/config/SSSDConfig.py:142
msgid "Specify the sasl authorization id to use"
msgstr "Tentukan id otorisasi sasl yang digunakan"
-#: src/config/SSSDConfig.py:136
+#: src/config/SSSDConfig.py:143
#, fuzzy
msgid "Specify the sasl authorization realm to use"
msgstr "Tentukan id otorisasi sasl yang digunakan"
-#: src/config/SSSDConfig.py:137
+#: src/config/SSSDConfig.py:144
msgid "Kerberos service keytab"
msgstr "Keytab layanan Kerberos"
-#: src/config/SSSDConfig.py:138
+#: src/config/SSSDConfig.py:145
msgid "Use Kerberos auth for LDAP connection"
msgstr "Gunakan otentikasi Kerberos untuk koneksi LDAP"
-#: src/config/SSSDConfig.py:139
+#: src/config/SSSDConfig.py:146
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig.py:140
+#: src/config/SSSDConfig.py:147
#, fuzzy
msgid "Lifetime of TGT for LDAP connection"
msgstr "Gunakan otentikasi Kerberos untuk koneksi LDAP"
-#: src/config/SSSDConfig.py:141
+#: src/config/SSSDConfig.py:148
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig.py:142
+#: src/config/SSSDConfig.py:149
#, fuzzy
msgid "Service name for DNS service lookups"
msgstr "Filter pencarian pengguna"
-#: src/config/SSSDConfig.py:143
+#: src/config/SSSDConfig.py:150
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig.py:145
+#: src/config/SSSDConfig.py:151
+msgid "The number of members that must be missing to trigger a full deref"
+msgstr ""
+
+#: src/config/SSSDConfig.py:153
#, fuzzy
msgid "entryUSN attribute"
msgstr "Atribut UID"
-#: src/config/SSSDConfig.py:146
+#: src/config/SSSDConfig.py:154
#, fuzzy
msgid "lastUSN attribute"
msgstr "Atribut UID"
-#: src/config/SSSDConfig.py:149
+#: src/config/SSSDConfig.py:157
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig.py:150
+#: src/config/SSSDConfig.py:158
#, fuzzy
msgid "Length of time to wait for a enumeration request"
msgstr "Lamanya waktu untuk mencoba koneksi"
-#: src/config/SSSDConfig.py:151
+#: src/config/SSSDConfig.py:159
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig.py:152
+#: src/config/SSSDConfig.py:160
#, fuzzy
msgid "Length of time between cache cleanups"
msgstr "Lamanya waktu antara upaya untuk menyambung kembali saat luring"
-#: src/config/SSSDConfig.py:153
+#: src/config/SSSDConfig.py:161
#, fuzzy
msgid "Require TLS for ID lookups"
msgstr "Filter pencarian pengguna"
-#: src/config/SSSDConfig.py:154
+#: src/config/SSSDConfig.py:162
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig.py:155
+#: src/config/SSSDConfig.py:163
msgid "Scope of user lookups"
msgstr "Lingkup pencarian pengguna"
-#: src/config/SSSDConfig.py:156
+#: src/config/SSSDConfig.py:164
msgid "Filter for user lookups"
msgstr "Filter pencarian pengguna"
-#: src/config/SSSDConfig.py:157
+#: src/config/SSSDConfig.py:165
msgid "Objectclass for users"
msgstr "Objectclass untuk pengguna"
-#: src/config/SSSDConfig.py:158
+#: src/config/SSSDConfig.py:166
msgid "Username attribute"
msgstr "Atribut Nama pengguna"
-#: src/config/SSSDConfig.py:160
+#: src/config/SSSDConfig.py:168
msgid "UID attribute"
msgstr "Atribut UID"
-#: src/config/SSSDConfig.py:161
+#: src/config/SSSDConfig.py:169
msgid "Primary GID attribute"
msgstr "Atribut GID Primer"
-#: src/config/SSSDConfig.py:162
+#: src/config/SSSDConfig.py:170
msgid "GECOS attribute"
msgstr "Atribut GECOS"
-#: src/config/SSSDConfig.py:163
+#: src/config/SSSDConfig.py:171
msgid "Home directory attribute"
msgstr "Atribut direktori Home"
-#: src/config/SSSDConfig.py:164
+#: src/config/SSSDConfig.py:172
msgid "Shell attribute"
msgstr "Atribut Shell"
-#: src/config/SSSDConfig.py:165
+#: src/config/SSSDConfig.py:173
msgid "UUID attribute"
msgstr "Atribut UUID"
-#: src/config/SSSDConfig.py:166
+#: src/config/SSSDConfig.py:174
msgid "User principal attribute (for Kerberos)"
msgstr "Atribut utama pengguna (untuk Kerberos)"
-#: src/config/SSSDConfig.py:167
+#: src/config/SSSDConfig.py:175
msgid "Full Name"
msgstr "Nama Lengkap"
-#: src/config/SSSDConfig.py:168
+#: src/config/SSSDConfig.py:176
msgid "memberOf attribute"
msgstr "Atribut memberOf"
-#: src/config/SSSDConfig.py:169
+#: src/config/SSSDConfig.py:177
msgid "Modification time attribute"
msgstr "Atribut waktu modifikasi"
-#: src/config/SSSDConfig.py:171
+#: src/config/SSSDConfig.py:179
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig.py:172
+#: src/config/SSSDConfig.py:180
#, fuzzy
msgid "shadowMin attribute"
msgstr "Atribut Nama pengguna"
-#: src/config/SSSDConfig.py:173
+#: src/config/SSSDConfig.py:181
#, fuzzy
msgid "shadowMax attribute"
msgstr "Atribut Nama pengguna"
-#: src/config/SSSDConfig.py:174
+#: src/config/SSSDConfig.py:182
#, fuzzy
msgid "shadowWarning attribute"
msgstr "Atribut Nama pengguna"
-#: src/config/SSSDConfig.py:175
+#: src/config/SSSDConfig.py:183
#, fuzzy
msgid "shadowInactive attribute"
msgstr "Atribut Nama pengguna"
-#: src/config/SSSDConfig.py:176
+#: src/config/SSSDConfig.py:184
#, fuzzy
msgid "shadowExpire attribute"
msgstr "Atribut Nama pengguna"
-#: src/config/SSSDConfig.py:177
+#: src/config/SSSDConfig.py:185
#, fuzzy
msgid "shadowFlag attribute"
msgstr "Atribut Shell"
-#: src/config/SSSDConfig.py:178
+#: src/config/SSSDConfig.py:186
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig.py:179
+#: src/config/SSSDConfig.py:187
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig.py:180
+#: src/config/SSSDConfig.py:188
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig.py:181
+#: src/config/SSSDConfig.py:189
#, fuzzy
msgid "krbPasswordExpiration attribute"
msgstr "Atribut waktu modifikasi"
-#: src/config/SSSDConfig.py:182
+#: src/config/SSSDConfig.py:190
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig.py:183
+#: src/config/SSSDConfig.py:191
#, fuzzy
msgid "accountExpires attribute of AD"
msgstr "Atribut Nama pengguna"
-#: src/config/SSSDConfig.py:184
+#: src/config/SSSDConfig.py:192
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig.py:185
+#: src/config/SSSDConfig.py:193
#, fuzzy
msgid "nsAccountLock attribute"
msgstr "Atribut Nama pengguna"
-#: src/config/SSSDConfig.py:187
+#: src/config/SSSDConfig.py:194
+#, fuzzy
+msgid "loginDisabled attribute of NDS"
+msgstr "Atribut Nama pengguna"
+
+#: src/config/SSSDConfig.py:195
+#, fuzzy
+msgid "loginExpirationTime attribute of NDS"
+msgstr "Atribut Nama pengguna"
+
+#: src/config/SSSDConfig.py:196
+msgid "loginAllowedTimeMap attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig.py:198
#, fuzzy
msgid "Base DN for group lookups"
msgstr "Filter pencarian pengguna"
-#: src/config/SSSDConfig.py:190
+#: src/config/SSSDConfig.py:201
#, fuzzy
msgid "Objectclass for groups"
msgstr "Objectclass untuk pengguna"
-#: src/config/SSSDConfig.py:191
+#: src/config/SSSDConfig.py:202
#, fuzzy
msgid "Group name"
msgstr "Grup"
-#: src/config/SSSDConfig.py:192
+#: src/config/SSSDConfig.py:203
#, fuzzy
msgid "Group password"
msgstr "Grup"
-#: src/config/SSSDConfig.py:193
+#: src/config/SSSDConfig.py:204
#, fuzzy
msgid "GID attribute"
msgstr "Atribut UID"
-#: src/config/SSSDConfig.py:194
+#: src/config/SSSDConfig.py:205
#, fuzzy
msgid "Group member attribute"
msgstr "Atribut memberOf"
-#: src/config/SSSDConfig.py:195
+#: src/config/SSSDConfig.py:206
#, fuzzy
msgid "Group UUID attribute"
msgstr "Atribut UUID"
-#: src/config/SSSDConfig.py:196
+#: src/config/SSSDConfig.py:207
#, fuzzy
msgid "Modification time attribute for groups"
msgstr "Atribut waktu modifikasi"
-#: src/config/SSSDConfig.py:198
+#: src/config/SSSDConfig.py:209
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig.py:200
+#: src/config/SSSDConfig.py:211
#, fuzzy
msgid "Base DN for netgroup lookups"
msgstr "Filter pencarian pengguna"
-#: src/config/SSSDConfig.py:201
+#: src/config/SSSDConfig.py:212
#, fuzzy
msgid "Objectclass for netgroups"
msgstr "Objectclass untuk pengguna"
-#: src/config/SSSDConfig.py:202
+#: src/config/SSSDConfig.py:213
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig.py:203
+#: src/config/SSSDConfig.py:214
#, fuzzy
msgid "Netgroups members attribute"
msgstr "Atribut memberOf"
-#: src/config/SSSDConfig.py:204
+#: src/config/SSSDConfig.py:215
#, fuzzy
msgid "Netgroup triple attribute"
msgstr "Atribut waktu modifikasi"
-#: src/config/SSSDConfig.py:205
+#: src/config/SSSDConfig.py:216
#, fuzzy
msgid "Netgroup UUID attribute"
msgstr "Atribut UUID"
-#: src/config/SSSDConfig.py:206
+#: src/config/SSSDConfig.py:217
#, fuzzy
msgid "Modification time attribute for netgroups"
msgstr "Atribut waktu modifikasi"
-#: src/config/SSSDConfig.py:209
+#: src/config/SSSDConfig.py:220
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig.py:212
+#: src/config/SSSDConfig.py:223
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig.py:213
+#: src/config/SSSDConfig.py:224
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig.py:214
+#: src/config/SSSDConfig.py:225
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig.py:217
+#: src/config/SSSDConfig.py:228
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig.py:218
+#: src/config/SSSDConfig.py:229
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig.py:221
+#: src/config/SSSDConfig.py:232
msgid "Comma separated list of allowed users"
msgstr "Daftar pengguna yang diijinkan dalam format yang dipisahkan koma"
-#: src/config/SSSDConfig.py:222
+#: src/config/SSSDConfig.py:233
msgid "Comma separated list of prohibited users"
msgstr "Daftar pengguna yang tidak diijinkan dalam format yang dipisahkan koma"
-#: src/config/SSSDConfig.py:225
+#: src/config/SSSDConfig.py:236
msgid "Default shell, /bin/bash"
msgstr "Shell default, /bin/bash"
-#: src/config/SSSDConfig.py:226
+#: src/config/SSSDConfig.py:237
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig.py:229
+#: src/config/SSSDConfig.py:240
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig.py:232
+#: src/config/SSSDConfig.py:243
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2245
+#: src/monitor/monitor.c:2316
msgid "Become a daemon (default)"
msgstr ""
-#: src/monitor/monitor.c:2247
+#: src/monitor/monitor.c:2318
msgid "Run interactive (not a daemon)"
msgstr ""
-#: src/monitor/monitor.c:2249
+#: src/monitor/monitor.c:2320
msgid "Specify a non-default config file"
msgstr ""
#: src/providers/krb5/krb5_child.c:1554 src/providers/ldap/ldap_child.c:360
-#: src/util/util.h:65
+#: src/util/util.h:67
msgid "Debug level"
msgstr ""
#: src/providers/krb5/krb5_child.c:1556 src/providers/ldap/ldap_child.c:362
-#: src/util/util.h:69
+#: src/util/util.h:71
msgid "Add debug timestamps"
msgstr ""
@@ -677,94 +727,94 @@ msgstr ""
msgid "An open file descriptor for the debug logs"
msgstr "Mengatur verbosity dari pencatatan debug"
-#: src/providers/data_provider_be.c:1226
+#: src/providers/data_provider_be.c:1196
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:820
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:825
+#: src/sss_client/common.c:823
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:826
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:831
+#: src/sss_client/common.c:829
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:836
+#: src/sss_client/common.c:834
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:842
+#: src/sss_client/common.c:840
msgid "Unexpected error while looking for an error description"
msgstr ""
-#: src/sss_client/pam_sss.c:378
+#: src/sss_client/pam_sss.c:374
msgid "Passwords do not match"
msgstr "Kata sandi tidak cocok"
-#: src/sss_client/pam_sss.c:571
+#: src/sss_client/pam_sss.c:567
msgid "Password reset by root is not supported."
msgstr ""
-#: src/sss_client/pam_sss.c:612
+#: src/sss_client/pam_sss.c:608
msgid "Authenticated with cached credentials"
msgstr ""
-#: src/sss_client/pam_sss.c:613
+#: src/sss_client/pam_sss.c:609
msgid ", your cached password will expire at: "
msgstr ""
-#: src/sss_client/pam_sss.c:643
+#: src/sss_client/pam_sss.c:639
#, c-format
msgid "Your password has expired. You have %d grace login(s) remaining."
msgstr ""
-#: src/sss_client/pam_sss.c:689
+#: src/sss_client/pam_sss.c:685
#, c-format
msgid "Your password will expire in %d %s."
msgstr ""
-#: src/sss_client/pam_sss.c:738
+#: src/sss_client/pam_sss.c:734
#, fuzzy
msgid "Authentication is denied until: "
msgstr "Otentikasi luring, otentikasi ditolak sampai:"
-#: src/sss_client/pam_sss.c:765
+#: src/sss_client/pam_sss.c:761
msgid "System is offline, password change not possible"
msgstr "Sistem sedang luring, perubahan kata sandi tidak dimungkinkan"
-#: src/sss_client/pam_sss.c:795 src/sss_client/pam_sss.c:808
+#: src/sss_client/pam_sss.c:791 src/sss_client/pam_sss.c:804
msgid "Password change failed. "
msgstr "Perubahan kata sandi gagal."
-#: src/sss_client/pam_sss.c:798 src/sss_client/pam_sss.c:809
+#: src/sss_client/pam_sss.c:794 src/sss_client/pam_sss.c:805
msgid "Server message: "
msgstr "Pesan server:"
-#: src/sss_client/pam_sss.c:1212
+#: src/sss_client/pam_sss.c:1208
msgid "New Password: "
msgstr "Kata Sandi Baru: "
-#: src/sss_client/pam_sss.c:1213
+#: src/sss_client/pam_sss.c:1209
msgid "Reenter new Password: "
msgstr "Masukkan lagi kata sandi baru:"
-#: src/sss_client/pam_sss.c:1295
+#: src/sss_client/pam_sss.c:1291
msgid "Password: "
msgstr "Kata sandi:"
-#: src/sss_client/pam_sss.c:1327
+#: src/sss_client/pam_sss.c:1323
msgid "Current Password: "
msgstr "Kata sandi saat ini:"
-#: src/sss_client/pam_sss.c:1473
+#: src/sss_client/pam_sss.c:1469
msgid "Password expired. Change your password now."
msgstr ""
@@ -1187,7 +1237,7 @@ msgstr "Kehabisan memori\n"
msgid "%s must be run as root\n"
msgstr "%s harus dijalankan sebagai root\n"
-#: src/util/util.h:67
+#: src/util/util.h:69
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/it.po b/po/it.po
index 8f33142ea..bb526dbcd 100644
--- a/po/it.po
+++ b/po/it.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: it\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-04-27 11:41-0400\n"
+"POT-Creation-Date: 2011-08-02 15:55-0400\n"
"PO-Revision-Date: 2010-04-08 16:50+0200\n"
"Last-Translator: Guido Grazioli <guido.grazioli@gmail.com>\n"
"Language-Team: Italian <trans-it@lists.fedoraproject.org>\n"
@@ -94,15 +94,34 @@ msgid "The value of the password field the NSS provider should return"
msgstr ""
"Il valore del campo password che deve essere ritornato dal provider NSS"
+#: src/config/SSSDConfig.py:61
+msgid "Override homedir value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:62
+msgid "The list of shells users are allowed to log in with"
+msgstr ""
+
#: src/config/SSSDConfig.py:63
+msgid ""
+"The list of shells that will be vetoed, and replaced with the fallback shell"
+msgstr ""
+
+#: src/config/SSSDConfig.py:64
+msgid ""
+"If a shell stored in central directory is allowed but not available, use "
+"this fallback"
+msgstr ""
+
+#: src/config/SSSDConfig.py:67
msgid "How long to allow cached logins between online logins (days)"
msgstr "Per quanto tempo accettare login in cache tra login online (giorni)"
-#: src/config/SSSDConfig.py:64
+#: src/config/SSSDConfig.py:68
msgid "How many failed logins attempts are allowed when offline"
msgstr "Numero di tentativi di login falliti quando offline"
-#: src/config/SSSDConfig.py:65
+#: src/config/SSSDConfig.py:69
msgid ""
"How long (minutes) to deny login after offline_failed_login_attempts has "
"been reached"
@@ -110,577 +129,608 @@ msgstr ""
"Per quanto tempo (minuti) negare i tentativi di login dopo che "
"offline_failed_login_attemps è stato raggiunto"
-#: src/config/SSSDConfig.py:66
+#: src/config/SSSDConfig.py:70
msgid "What kind of messages are displayed to the user during authentication"
msgstr ""
-#: src/config/SSSDConfig.py:67
+#: src/config/SSSDConfig.py:71
msgid "How many seconds to keep identity information cached for PAM requests"
msgstr ""
-#: src/config/SSSDConfig.py:68
+#: src/config/SSSDConfig.py:72
msgid "How many days before password expiration a warning should be displayed"
msgstr ""
-#: src/config/SSSDConfig.py:71
+#: src/config/SSSDConfig.py:75
msgid "Identity provider"
msgstr "Provider di identità"
-#: src/config/SSSDConfig.py:72
+#: src/config/SSSDConfig.py:76
msgid "Authentication provider"
msgstr "Provider di autenticazione"
-#: src/config/SSSDConfig.py:73
+#: src/config/SSSDConfig.py:77
msgid "Access control provider"
msgstr "Provider di access control"
-#: src/config/SSSDConfig.py:74
+#: src/config/SSSDConfig.py:78
msgid "Password change provider"
msgstr "Provider di cambio password"
-#: src/config/SSSDConfig.py:77
+#: src/config/SSSDConfig.py:81
msgid "Minimum user ID"
msgstr "ID utente minimo"
-#: src/config/SSSDConfig.py:78
+#: src/config/SSSDConfig.py:82
msgid "Maximum user ID"
msgstr "ID utente massimo"
-#: src/config/SSSDConfig.py:79
+#: src/config/SSSDConfig.py:83
msgid "Enable enumerating all users/groups"
msgstr "Consentire l'enumerazione di tutti gli utenti/gruppi"
-#: src/config/SSSDConfig.py:80
+#: src/config/SSSDConfig.py:84
msgid "Cache credentials for offline login"
msgstr "Salvare in cache le credenziali per login offline"
-#: src/config/SSSDConfig.py:81
+#: src/config/SSSDConfig.py:85
msgid "Store password hashes"
msgstr "Salvare gli hash delle password"
-#: src/config/SSSDConfig.py:82
+#: src/config/SSSDConfig.py:86
msgid "Display users/groups in fully-qualified form"
msgstr "Mostrare utenti/gruppi in formato fully-qualified"
-#: src/config/SSSDConfig.py:83
+#: src/config/SSSDConfig.py:87
msgid "Entry cache timeout length (seconds)"
msgstr "Durata timeout elementi in cache (secondi)"
-#: src/config/SSSDConfig.py:84
+#: src/config/SSSDConfig.py:88
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
"Restringere o preferire una specifica famiglia di indirizzi per l'esecuzione "
"di lookup DNS"
-#: src/config/SSSDConfig.py:85
+#: src/config/SSSDConfig.py:89
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
"Per quanto tempo tenere in cache gli elementi dopo un login che ha avuto "
"successo (giorni)"
-#: src/config/SSSDConfig.py:86
+#: src/config/SSSDConfig.py:90
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig.py:87
+#: src/config/SSSDConfig.py:91
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig.py:90
+#: src/config/SSSDConfig.py:92
+msgid "Override GID value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:95
msgid "IPA domain"
msgstr "Dominio IPA"
-#: src/config/SSSDConfig.py:91
+#: src/config/SSSDConfig.py:96
msgid "IPA server address"
msgstr "Indirizzo del server IPA"
-#: src/config/SSSDConfig.py:92
+#: src/config/SSSDConfig.py:97
msgid "IPA client hostname"
msgstr "Hostname del client IPA"
-#: src/config/SSSDConfig.py:93
+#: src/config/SSSDConfig.py:98
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig.py:94
+#: src/config/SSSDConfig.py:99
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig.py:95
+#: src/config/SSSDConfig.py:100
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig.py:98 src/config/SSSDConfig.py:99
+#: src/config/SSSDConfig.py:101
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig.py:102
+msgid "If DENY rules are present, either DENY_ALL or IGNORE"
+msgstr ""
+
+#: src/config/SSSDConfig.py:105 src/config/SSSDConfig.py:106
msgid "Kerberos server address"
msgstr "Indirizzo del server Kerberos"
-#: src/config/SSSDConfig.py:100
+#: src/config/SSSDConfig.py:107
msgid "Kerberos realm"
msgstr "Realm Kerberos"
-#: src/config/SSSDConfig.py:101
+#: src/config/SSSDConfig.py:108
msgid "Authentication timeout"
msgstr "Timeout di autenticazione"
-#: src/config/SSSDConfig.py:104
+#: src/config/SSSDConfig.py:111
msgid "Directory to store credential caches"
msgstr "Directory in cui salvare le credenziali"
-#: src/config/SSSDConfig.py:105
+#: src/config/SSSDConfig.py:112
msgid "Location of the user's credential cache"
msgstr "Percorso della cache delle credenziali utente"
-#: src/config/SSSDConfig.py:106
+#: src/config/SSSDConfig.py:113
msgid "Location of the keytab to validate credentials"
msgstr "Percorso del keytab per la validazione delle credenziali"
-#: src/config/SSSDConfig.py:107
+#: src/config/SSSDConfig.py:114
msgid "Enable credential validation"
msgstr "Abilita la validazione delle credenziali"
-#: src/config/SSSDConfig.py:108
+#: src/config/SSSDConfig.py:115
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig.py:109
+#: src/config/SSSDConfig.py:116
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig.py:110
+#: src/config/SSSDConfig.py:117
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig.py:111
+#: src/config/SSSDConfig.py:118
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig.py:112
+#: src/config/SSSDConfig.py:119
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig.py:115
+#: src/config/SSSDConfig.py:122
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"Server dove viene eseguito il servizio di cambio password, se non nel KDC"
-#: src/config/SSSDConfig.py:118
+#: src/config/SSSDConfig.py:125
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, l'indirizzo del server LDAP"
-#: src/config/SSSDConfig.py:119
+#: src/config/SSSDConfig.py:126
msgid "The default base DN"
msgstr "Il base DN predefinito"
-#: src/config/SSSDConfig.py:120
+#: src/config/SSSDConfig.py:127
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Lo Schema Type utilizzato dal server LDAP, rfc2307"
-#: src/config/SSSDConfig.py:121
+#: src/config/SSSDConfig.py:128
msgid "The default bind DN"
msgstr "Il bind DN predefinito"
-#: src/config/SSSDConfig.py:122
+#: src/config/SSSDConfig.py:129
msgid "The type of the authentication token of the default bind DN"
msgstr "Il tipo di token di autenticazione del bind DN predefinito"
-#: src/config/SSSDConfig.py:123
+#: src/config/SSSDConfig.py:130
msgid "The authentication token of the default bind DN"
msgstr "Il token di autenticazione del bind DN predefinito"
-#: src/config/SSSDConfig.py:124
+#: src/config/SSSDConfig.py:131
msgid "Length of time to attempt connection"
msgstr "Durata del tentativo di connessione"
-#: src/config/SSSDConfig.py:125
+#: src/config/SSSDConfig.py:132
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Durata del tentativo di esecuzione di operazioni LDAP sincrone"
-#: src/config/SSSDConfig.py:126
+#: src/config/SSSDConfig.py:133
msgid "Length of time between attempts to reconnect while offline"
msgstr "Durata tra tentativi di riconnessione quando offline"
-#: src/config/SSSDConfig.py:127
+#: src/config/SSSDConfig.py:134
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig.py:128
+#: src/config/SSSDConfig.py:135
#, fuzzy
msgid "File that contains CA certificates"
msgstr "file che contiene certificati CA"
-#: src/config/SSSDConfig.py:129
+#: src/config/SSSDConfig.py:136
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig.py:130
+#: src/config/SSSDConfig.py:137
#, fuzzy
msgid "File that contains the client certificate"
msgstr "file che contiene certificati CA"
-#: src/config/SSSDConfig.py:131
+#: src/config/SSSDConfig.py:138
#, fuzzy
msgid "File that contains the client key"
msgstr "file che contiene certificati CA"
-#: src/config/SSSDConfig.py:132
+#: src/config/SSSDConfig.py:139
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig.py:133
+#: src/config/SSSDConfig.py:140
msgid "Require TLS certificate verification"
msgstr "Richiedere la verifica del certificato TLS"
-#: src/config/SSSDConfig.py:134
+#: src/config/SSSDConfig.py:141
msgid "Specify the sasl mechanism to use"
msgstr "Specificare il meccanismo sasl da usare"
-#: src/config/SSSDConfig.py:135
+#: src/config/SSSDConfig.py:142
msgid "Specify the sasl authorization id to use"
msgstr "Specificare l'id di autorizzazione sasl da usare"
-#: src/config/SSSDConfig.py:136
+#: src/config/SSSDConfig.py:143
#, fuzzy
msgid "Specify the sasl authorization realm to use"
msgstr "Specificare l'id di autorizzazione sasl da usare"
-#: src/config/SSSDConfig.py:137
+#: src/config/SSSDConfig.py:144
msgid "Kerberos service keytab"
msgstr "Keytab del servizio Kerberos"
-#: src/config/SSSDConfig.py:138
+#: src/config/SSSDConfig.py:145
msgid "Use Kerberos auth for LDAP connection"
msgstr "Usare autorizzazione Kerberos per la connessione LDAP"
-#: src/config/SSSDConfig.py:139
+#: src/config/SSSDConfig.py:146
msgid "Follow LDAP referrals"
msgstr "Seguire i referral LDAP"
-#: src/config/SSSDConfig.py:140
+#: src/config/SSSDConfig.py:147
#, fuzzy
msgid "Lifetime of TGT for LDAP connection"
msgstr "Usare autorizzazione Kerberos per la connessione LDAP"
-#: src/config/SSSDConfig.py:141
+#: src/config/SSSDConfig.py:148
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig.py:142
+#: src/config/SSSDConfig.py:149
#, fuzzy
msgid "Service name for DNS service lookups"
msgstr "Filtro per i lookup utente"
-#: src/config/SSSDConfig.py:143
+#: src/config/SSSDConfig.py:150
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig.py:145
+#: src/config/SSSDConfig.py:151
+msgid "The number of members that must be missing to trigger a full deref"
+msgstr ""
+
+#: src/config/SSSDConfig.py:153
#, fuzzy
msgid "entryUSN attribute"
msgstr "Attributo UID"
-#: src/config/SSSDConfig.py:146
+#: src/config/SSSDConfig.py:154
#, fuzzy
msgid "lastUSN attribute"
msgstr "Attributo UID"
-#: src/config/SSSDConfig.py:149
+#: src/config/SSSDConfig.py:157
msgid "Length of time to wait for a search request"
msgstr "Durata attesa per le richieste di ricerca"
-#: src/config/SSSDConfig.py:150
+#: src/config/SSSDConfig.py:158
#, fuzzy
msgid "Length of time to wait for a enumeration request"
msgstr "Durata attesa per le richieste di ricerca"
-#: src/config/SSSDConfig.py:151
+#: src/config/SSSDConfig.py:159
msgid "Length of time between enumeration updates"
msgstr "Durata tra gli aggiornamenti alle enumeration"
-#: src/config/SSSDConfig.py:152
+#: src/config/SSSDConfig.py:160
#, fuzzy
msgid "Length of time between cache cleanups"
msgstr "Durata tra gli aggiornamenti alle enumeration"
-#: src/config/SSSDConfig.py:153
+#: src/config/SSSDConfig.py:161
#, fuzzy
msgid "Require TLS for ID lookups"
msgstr "Richiedere TLS per gli ID lookup, false"
-#: src/config/SSSDConfig.py:154
+#: src/config/SSSDConfig.py:162
msgid "Base DN for user lookups"
msgstr "Base DN per i lookup utente"
-#: src/config/SSSDConfig.py:155
+#: src/config/SSSDConfig.py:163
msgid "Scope of user lookups"
msgstr "Ambito di applicazione dei lookup utente"
-#: src/config/SSSDConfig.py:156
+#: src/config/SSSDConfig.py:164
msgid "Filter for user lookups"
msgstr "Filtro per i lookup utente"
-#: src/config/SSSDConfig.py:157
+#: src/config/SSSDConfig.py:165
msgid "Objectclass for users"
msgstr "Objectclass per gli utenti"
-#: src/config/SSSDConfig.py:158
+#: src/config/SSSDConfig.py:166
msgid "Username attribute"
msgstr "Attributo del nome utente"
-#: src/config/SSSDConfig.py:160
+#: src/config/SSSDConfig.py:168
msgid "UID attribute"
msgstr "Attributo UID"
-#: src/config/SSSDConfig.py:161
+#: src/config/SSSDConfig.py:169
msgid "Primary GID attribute"
msgstr "Attributo del GID primario"
-#: src/config/SSSDConfig.py:162
+#: src/config/SSSDConfig.py:170
msgid "GECOS attribute"
msgstr "Attributo GECOS"
-#: src/config/SSSDConfig.py:163
+#: src/config/SSSDConfig.py:171
msgid "Home directory attribute"
msgstr "Attributo della home directory"
-#: src/config/SSSDConfig.py:164
+#: src/config/SSSDConfig.py:172
msgid "Shell attribute"
msgstr "Attributo della shell"
-#: src/config/SSSDConfig.py:165
+#: src/config/SSSDConfig.py:173
msgid "UUID attribute"
msgstr "Attributo UUID"
-#: src/config/SSSDConfig.py:166
+#: src/config/SSSDConfig.py:174
msgid "User principal attribute (for Kerberos)"
msgstr "Attributo user principal (per Kerberos)"
-#: src/config/SSSDConfig.py:167
+#: src/config/SSSDConfig.py:175
msgid "Full Name"
msgstr "Nome completo"
-#: src/config/SSSDConfig.py:168
+#: src/config/SSSDConfig.py:176
msgid "memberOf attribute"
msgstr "Attributo memberOf"
-#: src/config/SSSDConfig.py:169
+#: src/config/SSSDConfig.py:177
msgid "Modification time attribute"
msgstr "Attributo data di modifica"
-#: src/config/SSSDConfig.py:171
+#: src/config/SSSDConfig.py:179
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig.py:172
+#: src/config/SSSDConfig.py:180
#, fuzzy
msgid "shadowMin attribute"
msgstr "Attributo del nome utente"
-#: src/config/SSSDConfig.py:173
+#: src/config/SSSDConfig.py:181
#, fuzzy
msgid "shadowMax attribute"
msgstr "Attributo del nome utente"
-#: src/config/SSSDConfig.py:174
+#: src/config/SSSDConfig.py:182
#, fuzzy
msgid "shadowWarning attribute"
msgstr "Attributo del nome utente"
-#: src/config/SSSDConfig.py:175
+#: src/config/SSSDConfig.py:183
#, fuzzy
msgid "shadowInactive attribute"
msgstr "Attributo del nome utente"
-#: src/config/SSSDConfig.py:176
+#: src/config/SSSDConfig.py:184
#, fuzzy
msgid "shadowExpire attribute"
msgstr "Attributo del nome utente"
-#: src/config/SSSDConfig.py:177
+#: src/config/SSSDConfig.py:185
#, fuzzy
msgid "shadowFlag attribute"
msgstr "Attributo della shell"
-#: src/config/SSSDConfig.py:178
+#: src/config/SSSDConfig.py:186
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig.py:179
+#: src/config/SSSDConfig.py:187
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig.py:180
+#: src/config/SSSDConfig.py:188
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig.py:181
+#: src/config/SSSDConfig.py:189
#, fuzzy
msgid "krbPasswordExpiration attribute"
msgstr "Attributo data di modifica"
-#: src/config/SSSDConfig.py:182
+#: src/config/SSSDConfig.py:190
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig.py:183
+#: src/config/SSSDConfig.py:191
#, fuzzy
msgid "accountExpires attribute of AD"
msgstr "Attributo del nome utente"
-#: src/config/SSSDConfig.py:184
+#: src/config/SSSDConfig.py:192
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig.py:185
+#: src/config/SSSDConfig.py:193
#, fuzzy
msgid "nsAccountLock attribute"
msgstr "Attributo del nome utente"
-#: src/config/SSSDConfig.py:187
+#: src/config/SSSDConfig.py:194
+#, fuzzy
+msgid "loginDisabled attribute of NDS"
+msgstr "Attributo del nome utente"
+
+#: src/config/SSSDConfig.py:195
+#, fuzzy
+msgid "loginExpirationTime attribute of NDS"
+msgstr "Attributo del nome utente"
+
+#: src/config/SSSDConfig.py:196
+msgid "loginAllowedTimeMap attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig.py:198
#, fuzzy
msgid "Base DN for group lookups"
msgstr "Base DN per i lookup utente"
-#: src/config/SSSDConfig.py:190
+#: src/config/SSSDConfig.py:201
#, fuzzy
msgid "Objectclass for groups"
msgstr "Objectclass per gli utenti"
-#: src/config/SSSDConfig.py:191
+#: src/config/SSSDConfig.py:202
#, fuzzy
msgid "Group name"
msgstr "Gruppi"
-#: src/config/SSSDConfig.py:192
+#: src/config/SSSDConfig.py:203
#, fuzzy
msgid "Group password"
msgstr "Gruppi"
-#: src/config/SSSDConfig.py:193
+#: src/config/SSSDConfig.py:204
#, fuzzy
msgid "GID attribute"
msgstr "Attributo UID"
-#: src/config/SSSDConfig.py:194
+#: src/config/SSSDConfig.py:205
#, fuzzy
msgid "Group member attribute"
msgstr "Attributo memberOf"
-#: src/config/SSSDConfig.py:195
+#: src/config/SSSDConfig.py:206
#, fuzzy
msgid "Group UUID attribute"
msgstr "Attributo UUID"
-#: src/config/SSSDConfig.py:196
+#: src/config/SSSDConfig.py:207
#, fuzzy
msgid "Modification time attribute for groups"
msgstr "Attributo data di modifica"
-#: src/config/SSSDConfig.py:198
+#: src/config/SSSDConfig.py:209
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig.py:200
+#: src/config/SSSDConfig.py:211
#, fuzzy
msgid "Base DN for netgroup lookups"
msgstr "Base DN per i lookup utente"
-#: src/config/SSSDConfig.py:201
+#: src/config/SSSDConfig.py:212
#, fuzzy
msgid "Objectclass for netgroups"
msgstr "Objectclass per gli utenti"
-#: src/config/SSSDConfig.py:202
+#: src/config/SSSDConfig.py:213
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig.py:203
+#: src/config/SSSDConfig.py:214
#, fuzzy
msgid "Netgroups members attribute"
msgstr "Attributo memberOf"
-#: src/config/SSSDConfig.py:204
+#: src/config/SSSDConfig.py:215
#, fuzzy
msgid "Netgroup triple attribute"
msgstr "Attributo data di modifica"
-#: src/config/SSSDConfig.py:205
+#: src/config/SSSDConfig.py:216
#, fuzzy
msgid "Netgroup UUID attribute"
msgstr "Attributo UUID"
-#: src/config/SSSDConfig.py:206
+#: src/config/SSSDConfig.py:217
#, fuzzy
msgid "Modification time attribute for netgroups"
msgstr "Attributo data di modifica"
-#: src/config/SSSDConfig.py:209
+#: src/config/SSSDConfig.py:220
msgid "Policy to evaluate the password expiration"
msgstr "Politica per controllare la scadenza della password"
-#: src/config/SSSDConfig.py:212
+#: src/config/SSSDConfig.py:223
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig.py:213
+#: src/config/SSSDConfig.py:224
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig.py:214
+#: src/config/SSSDConfig.py:225
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig.py:217
+#: src/config/SSSDConfig.py:228
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig.py:218
+#: src/config/SSSDConfig.py:229
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig.py:221
+#: src/config/SSSDConfig.py:232
msgid "Comma separated list of allowed users"
msgstr "Lista separata da virgola degli utenti abilitati"
-#: src/config/SSSDConfig.py:222
+#: src/config/SSSDConfig.py:233
msgid "Comma separated list of prohibited users"
msgstr "Lista separata da virgola degli utenti non abilitati"
-#: src/config/SSSDConfig.py:225
+#: src/config/SSSDConfig.py:236
msgid "Default shell, /bin/bash"
msgstr "Shell predefinita, /bin/bash"
-#: src/config/SSSDConfig.py:226
+#: src/config/SSSDConfig.py:237
msgid "Base for home directories"
msgstr "Base delle home directory"
-#: src/config/SSSDConfig.py:229
+#: src/config/SSSDConfig.py:240
msgid "The name of the NSS library to use"
msgstr "Il nome della libreria NSS da usare"
-#: src/config/SSSDConfig.py:232
+#: src/config/SSSDConfig.py:243
msgid "PAM stack to use"
msgstr "Stack PAM da usare"
-#: src/monitor/monitor.c:2245
+#: src/monitor/monitor.c:2316
msgid "Become a daemon (default)"
msgstr "Esegui come demone (default)"
-#: src/monitor/monitor.c:2247
+#: src/monitor/monitor.c:2318
msgid "Run interactive (not a daemon)"
msgstr "Esegui interattivamente (non come demone)"
-#: src/monitor/monitor.c:2249
+#: src/monitor/monitor.c:2320
msgid "Specify a non-default config file"
msgstr "Specificare un file di configurazione specifico"
#: src/providers/krb5/krb5_child.c:1554 src/providers/ldap/ldap_child.c:360
-#: src/util/util.h:65
+#: src/util/util.h:67
msgid "Debug level"
msgstr "Livello debug"
#: src/providers/krb5/krb5_child.c:1556 src/providers/ldap/ldap_child.c:362
-#: src/util/util.h:69
+#: src/util/util.h:71
msgid "Add debug timestamps"
msgstr "Includi timestamp di debug"
@@ -688,95 +738,95 @@ msgstr "Includi timestamp di debug"
msgid "An open file descriptor for the debug logs"
msgstr "Un descrittore di file aperto per l'output di debug"
-#: src/providers/data_provider_be.c:1226
+#: src/providers/data_provider_be.c:1196
msgid "Domain of the information provider (mandatory)"
msgstr "Dominio del provider di informazioni (obbligatorio)"
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:820
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:825
+#: src/sss_client/common.c:823
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:826
#, fuzzy
msgid "Unexpected format of the server credential message."
msgstr "Percorso della cache delle credenziali utente"
-#: src/sss_client/common.c:831
+#: src/sss_client/common.c:829
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:836
+#: src/sss_client/common.c:834
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:842
+#: src/sss_client/common.c:840
msgid "Unexpected error while looking for an error description"
msgstr ""
-#: src/sss_client/pam_sss.c:378
+#: src/sss_client/pam_sss.c:374
msgid "Passwords do not match"
msgstr "Le password non coincidono"
-#: src/sss_client/pam_sss.c:571
+#: src/sss_client/pam_sss.c:567
msgid "Password reset by root is not supported."
msgstr ""
-#: src/sss_client/pam_sss.c:612
+#: src/sss_client/pam_sss.c:608
msgid "Authenticated with cached credentials"
msgstr ""
-#: src/sss_client/pam_sss.c:613
+#: src/sss_client/pam_sss.c:609
msgid ", your cached password will expire at: "
msgstr ", la password in cache scadrà il: "
-#: src/sss_client/pam_sss.c:643
+#: src/sss_client/pam_sss.c:639
#, c-format
msgid "Your password has expired. You have %d grace login(s) remaining."
msgstr ""
-#: src/sss_client/pam_sss.c:689
+#: src/sss_client/pam_sss.c:685
#, fuzzy, c-format
msgid "Your password will expire in %d %s."
msgstr ", la password in cache scadrà il: "
-#: src/sss_client/pam_sss.c:738
+#: src/sss_client/pam_sss.c:734
#, fuzzy
msgid "Authentication is denied until: "
msgstr "Autenticazione offline, l'autenticazione sarà negata fino a:"
-#: src/sss_client/pam_sss.c:765
+#: src/sss_client/pam_sss.c:761
msgid "System is offline, password change not possible"
msgstr "Il sistema è offline, non è possibile richiedere un cambio password"
-#: src/sss_client/pam_sss.c:795 src/sss_client/pam_sss.c:808
+#: src/sss_client/pam_sss.c:791 src/sss_client/pam_sss.c:804
msgid "Password change failed. "
msgstr "Cambio password fallito."
-#: src/sss_client/pam_sss.c:798 src/sss_client/pam_sss.c:809
+#: src/sss_client/pam_sss.c:794 src/sss_client/pam_sss.c:805
msgid "Server message: "
msgstr "Messaggio del server:"
-#: src/sss_client/pam_sss.c:1212
+#: src/sss_client/pam_sss.c:1208
msgid "New Password: "
msgstr "Nuova password: "
-#: src/sss_client/pam_sss.c:1213
+#: src/sss_client/pam_sss.c:1209
msgid "Reenter new Password: "
msgstr "Conferma nuova password: "
-#: src/sss_client/pam_sss.c:1295
+#: src/sss_client/pam_sss.c:1291
msgid "Password: "
msgstr "Password: "
-#: src/sss_client/pam_sss.c:1327
+#: src/sss_client/pam_sss.c:1323
msgid "Current Password: "
msgstr "Password corrente: "
-#: src/sss_client/pam_sss.c:1473
+#: src/sss_client/pam_sss.c:1469
msgid "Password expired. Change your password now."
msgstr "Password scaduta. Cambiare la password ora."
@@ -1203,7 +1253,7 @@ msgstr "Memoria esaurita\n"
msgid "%s must be run as root\n"
msgstr "%s deve essere eseguito come root\n"
-#: src/util/util.h:67
+#: src/util/util.h:69
msgid "Send the debug output to files instead of stderr"
msgstr "Redirigere l'output di debug su file anzichè stderr"
diff --git a/po/ja.po b/po/ja.po
index bd6930e07..f2aa7112e 100644
--- a/po/ja.po
+++ b/po/ja.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-04-27 11:41-0400\n"
+"POT-Creation-Date: 2011-08-02 15:55-0400\n"
"PO-Revision-Date: 2011-03-08 15:26+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -89,552 +89,600 @@ msgstr ""
msgid "The value of the password field the NSS provider should return"
msgstr ""
+#: src/config/SSSDConfig.py:61
+msgid "Override homedir value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:62
+msgid "The list of shells users are allowed to log in with"
+msgstr ""
+
#: src/config/SSSDConfig.py:63
-msgid "How long to allow cached logins between online logins (days)"
+msgid ""
+"The list of shells that will be vetoed, and replaced with the fallback shell"
msgstr ""
#: src/config/SSSDConfig.py:64
+msgid ""
+"If a shell stored in central directory is allowed but not available, use "
+"this fallback"
+msgstr ""
+
+#: src/config/SSSDConfig.py:67
+msgid "How long to allow cached logins between online logins (days)"
+msgstr ""
+
+#: src/config/SSSDConfig.py:68
msgid "How many failed logins attempts are allowed when offline"
msgstr ""
-#: src/config/SSSDConfig.py:65
+#: src/config/SSSDConfig.py:69
msgid ""
"How long (minutes) to deny login after offline_failed_login_attempts has "
"been reached"
msgstr ""
-#: src/config/SSSDConfig.py:66
+#: src/config/SSSDConfig.py:70
msgid "What kind of messages are displayed to the user during authentication"
msgstr ""
-#: src/config/SSSDConfig.py:67
+#: src/config/SSSDConfig.py:71
msgid "How many seconds to keep identity information cached for PAM requests"
msgstr ""
-#: src/config/SSSDConfig.py:68
+#: src/config/SSSDConfig.py:72
msgid "How many days before password expiration a warning should be displayed"
msgstr ""
-#: src/config/SSSDConfig.py:71
+#: src/config/SSSDConfig.py:75
msgid "Identity provider"
msgstr ""
-#: src/config/SSSDConfig.py:72
+#: src/config/SSSDConfig.py:76
msgid "Authentication provider"
msgstr ""
-#: src/config/SSSDConfig.py:73
+#: src/config/SSSDConfig.py:77
msgid "Access control provider"
msgstr ""
-#: src/config/SSSDConfig.py:74
+#: src/config/SSSDConfig.py:78
msgid "Password change provider"
msgstr ""
-#: src/config/SSSDConfig.py:77
+#: src/config/SSSDConfig.py:81
msgid "Minimum user ID"
msgstr ""
-#: src/config/SSSDConfig.py:78
+#: src/config/SSSDConfig.py:82
msgid "Maximum user ID"
msgstr ""
-#: src/config/SSSDConfig.py:79
+#: src/config/SSSDConfig.py:83
msgid "Enable enumerating all users/groups"
msgstr ""
-#: src/config/SSSDConfig.py:80
+#: src/config/SSSDConfig.py:84
msgid "Cache credentials for offline login"
msgstr ""
-#: src/config/SSSDConfig.py:81
+#: src/config/SSSDConfig.py:85
msgid "Store password hashes"
msgstr ""
-#: src/config/SSSDConfig.py:82
+#: src/config/SSSDConfig.py:86
msgid "Display users/groups in fully-qualified form"
msgstr ""
-#: src/config/SSSDConfig.py:83
+#: src/config/SSSDConfig.py:87
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig.py:84
+#: src/config/SSSDConfig.py:88
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig.py:85
+#: src/config/SSSDConfig.py:89
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig.py:86
+#: src/config/SSSDConfig.py:90
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig.py:87
+#: src/config/SSSDConfig.py:91
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig.py:90
+#: src/config/SSSDConfig.py:92
+msgid "Override GID value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:95
msgid "IPA domain"
msgstr ""
-#: src/config/SSSDConfig.py:91
+#: src/config/SSSDConfig.py:96
msgid "IPA server address"
msgstr ""
-#: src/config/SSSDConfig.py:92
+#: src/config/SSSDConfig.py:97
msgid "IPA client hostname"
msgstr ""
-#: src/config/SSSDConfig.py:93
+#: src/config/SSSDConfig.py:98
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig.py:94
+#: src/config/SSSDConfig.py:99
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig.py:95
+#: src/config/SSSDConfig.py:100
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig.py:98 src/config/SSSDConfig.py:99
+#: src/config/SSSDConfig.py:101
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig.py:102
+msgid "If DENY rules are present, either DENY_ALL or IGNORE"
+msgstr ""
+
+#: src/config/SSSDConfig.py:105 src/config/SSSDConfig.py:106
msgid "Kerberos server address"
msgstr ""
-#: src/config/SSSDConfig.py:100
+#: src/config/SSSDConfig.py:107
msgid "Kerberos realm"
msgstr ""
-#: src/config/SSSDConfig.py:101
+#: src/config/SSSDConfig.py:108
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig.py:104
+#: src/config/SSSDConfig.py:111
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig.py:105
+#: src/config/SSSDConfig.py:112
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig.py:106
+#: src/config/SSSDConfig.py:113
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig.py:107
+#: src/config/SSSDConfig.py:114
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig.py:108
+#: src/config/SSSDConfig.py:115
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig.py:109
+#: src/config/SSSDConfig.py:116
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig.py:110
+#: src/config/SSSDConfig.py:117
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig.py:111
+#: src/config/SSSDConfig.py:118
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig.py:112
+#: src/config/SSSDConfig.py:119
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig.py:115
+#: src/config/SSSDConfig.py:122
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig.py:118
+#: src/config/SSSDConfig.py:125
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig.py:119
+#: src/config/SSSDConfig.py:126
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig.py:120
+#: src/config/SSSDConfig.py:127
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig.py:121
+#: src/config/SSSDConfig.py:128
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig.py:122
+#: src/config/SSSDConfig.py:129
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig.py:123
+#: src/config/SSSDConfig.py:130
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig.py:124
+#: src/config/SSSDConfig.py:131
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig.py:125
+#: src/config/SSSDConfig.py:132
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig.py:126
+#: src/config/SSSDConfig.py:133
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig.py:127
+#: src/config/SSSDConfig.py:134
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig.py:128
+#: src/config/SSSDConfig.py:135
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig.py:129
+#: src/config/SSSDConfig.py:136
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig.py:130
+#: src/config/SSSDConfig.py:137
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig.py:131
+#: src/config/SSSDConfig.py:138
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig.py:132
+#: src/config/SSSDConfig.py:139
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig.py:133
+#: src/config/SSSDConfig.py:140
msgid "Require TLS certificate verification"
msgstr ""
-#: src/config/SSSDConfig.py:134
+#: src/config/SSSDConfig.py:141
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig.py:135
+#: src/config/SSSDConfig.py:142
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig.py:136
+#: src/config/SSSDConfig.py:143
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig.py:137
+#: src/config/SSSDConfig.py:144
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig.py:138
+#: src/config/SSSDConfig.py:145
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig.py:139
+#: src/config/SSSDConfig.py:146
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig.py:140
+#: src/config/SSSDConfig.py:147
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig.py:141
+#: src/config/SSSDConfig.py:148
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig.py:142
+#: src/config/SSSDConfig.py:149
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig.py:143
+#: src/config/SSSDConfig.py:150
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig.py:145
+#: src/config/SSSDConfig.py:151
+msgid "The number of members that must be missing to trigger a full deref"
+msgstr ""
+
+#: src/config/SSSDConfig.py:153
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig.py:146
+#: src/config/SSSDConfig.py:154
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig.py:149
+#: src/config/SSSDConfig.py:157
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig.py:150
+#: src/config/SSSDConfig.py:158
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig.py:151
+#: src/config/SSSDConfig.py:159
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig.py:152
+#: src/config/SSSDConfig.py:160
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig.py:153
+#: src/config/SSSDConfig.py:161
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig.py:154
+#: src/config/SSSDConfig.py:162
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig.py:155
+#: src/config/SSSDConfig.py:163
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig.py:156
+#: src/config/SSSDConfig.py:164
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig.py:157
+#: src/config/SSSDConfig.py:165
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig.py:158
+#: src/config/SSSDConfig.py:166
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig.py:160
+#: src/config/SSSDConfig.py:168
msgid "UID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:161
+#: src/config/SSSDConfig.py:169
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:162
+#: src/config/SSSDConfig.py:170
msgid "GECOS attribute"
msgstr ""
-#: src/config/SSSDConfig.py:163
+#: src/config/SSSDConfig.py:171
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig.py:164
+#: src/config/SSSDConfig.py:172
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig.py:165
+#: src/config/SSSDConfig.py:173
msgid "UUID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:166
+#: src/config/SSSDConfig.py:174
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig.py:167
+#: src/config/SSSDConfig.py:175
msgid "Full Name"
msgstr ""
-#: src/config/SSSDConfig.py:168
+#: src/config/SSSDConfig.py:176
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig.py:169
+#: src/config/SSSDConfig.py:177
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig.py:171
+#: src/config/SSSDConfig.py:179
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig.py:172
+#: src/config/SSSDConfig.py:180
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig.py:173
+#: src/config/SSSDConfig.py:181
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig.py:174
+#: src/config/SSSDConfig.py:182
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig.py:175
+#: src/config/SSSDConfig.py:183
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig.py:176
+#: src/config/SSSDConfig.py:184
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig.py:177
+#: src/config/SSSDConfig.py:185
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig.py:178
+#: src/config/SSSDConfig.py:186
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig.py:179
+#: src/config/SSSDConfig.py:187
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig.py:180
+#: src/config/SSSDConfig.py:188
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig.py:181
+#: src/config/SSSDConfig.py:189
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig.py:182
+#: src/config/SSSDConfig.py:190
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig.py:183
+#: src/config/SSSDConfig.py:191
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig.py:184
+#: src/config/SSSDConfig.py:192
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig.py:185
+#: src/config/SSSDConfig.py:193
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig.py:187
+#: src/config/SSSDConfig.py:194
+msgid "loginDisabled attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig.py:195
+msgid "loginExpirationTime attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig.py:196
+msgid "loginAllowedTimeMap attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig.py:198
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig.py:190
+#: src/config/SSSDConfig.py:201
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig.py:191
+#: src/config/SSSDConfig.py:202
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig.py:192
+#: src/config/SSSDConfig.py:203
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig.py:193
+#: src/config/SSSDConfig.py:204
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:194
+#: src/config/SSSDConfig.py:205
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig.py:195
+#: src/config/SSSDConfig.py:206
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:196
+#: src/config/SSSDConfig.py:207
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig.py:198
+#: src/config/SSSDConfig.py:209
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig.py:200
+#: src/config/SSSDConfig.py:211
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig.py:201
+#: src/config/SSSDConfig.py:212
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig.py:202
+#: src/config/SSSDConfig.py:213
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig.py:203
+#: src/config/SSSDConfig.py:214
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig.py:204
+#: src/config/SSSDConfig.py:215
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig.py:205
+#: src/config/SSSDConfig.py:216
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:206
+#: src/config/SSSDConfig.py:217
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig.py:209
+#: src/config/SSSDConfig.py:220
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig.py:212
+#: src/config/SSSDConfig.py:223
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig.py:213
+#: src/config/SSSDConfig.py:224
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig.py:214
+#: src/config/SSSDConfig.py:225
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig.py:217
+#: src/config/SSSDConfig.py:228
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig.py:218
+#: src/config/SSSDConfig.py:229
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig.py:221
+#: src/config/SSSDConfig.py:232
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig.py:222
+#: src/config/SSSDConfig.py:233
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig.py:225
+#: src/config/SSSDConfig.py:236
msgid "Default shell, /bin/bash"
msgstr ""
-#: src/config/SSSDConfig.py:226
+#: src/config/SSSDConfig.py:237
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig.py:229
+#: src/config/SSSDConfig.py:240
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig.py:232
+#: src/config/SSSDConfig.py:243
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2245
+#: src/monitor/monitor.c:2316
msgid "Become a daemon (default)"
msgstr ""
-#: src/monitor/monitor.c:2247
+#: src/monitor/monitor.c:2318
msgid "Run interactive (not a daemon)"
msgstr ""
-#: src/monitor/monitor.c:2249
+#: src/monitor/monitor.c:2320
msgid "Specify a non-default config file"
msgstr ""
#: src/providers/krb5/krb5_child.c:1554 src/providers/ldap/ldap_child.c:360
-#: src/util/util.h:65
+#: src/util/util.h:67
msgid "Debug level"
msgstr ""
#: src/providers/krb5/krb5_child.c:1556 src/providers/ldap/ldap_child.c:362
-#: src/util/util.h:69
+#: src/util/util.h:71
msgid "Add debug timestamps"
msgstr ""
@@ -642,93 +690,93 @@ msgstr ""
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:1226
+#: src/providers/data_provider_be.c:1196
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:820
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:825
+#: src/sss_client/common.c:823
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:826
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:831
+#: src/sss_client/common.c:829
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:836
+#: src/sss_client/common.c:834
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:842
+#: src/sss_client/common.c:840
msgid "Unexpected error while looking for an error description"
msgstr ""
-#: src/sss_client/pam_sss.c:378
+#: src/sss_client/pam_sss.c:374
msgid "Passwords do not match"
msgstr ""
-#: src/sss_client/pam_sss.c:571
+#: src/sss_client/pam_sss.c:567
msgid "Password reset by root is not supported."
msgstr ""
-#: src/sss_client/pam_sss.c:612
+#: src/sss_client/pam_sss.c:608
msgid "Authenticated with cached credentials"
msgstr ""
-#: src/sss_client/pam_sss.c:613
+#: src/sss_client/pam_sss.c:609
msgid ", your cached password will expire at: "
msgstr ""
-#: src/sss_client/pam_sss.c:643
+#: src/sss_client/pam_sss.c:639
#, c-format
msgid "Your password has expired. You have %d grace login(s) remaining."
msgstr ""
-#: src/sss_client/pam_sss.c:689
+#: src/sss_client/pam_sss.c:685
#, c-format
msgid "Your password will expire in %d %s."
msgstr ""
-#: src/sss_client/pam_sss.c:738
+#: src/sss_client/pam_sss.c:734
msgid "Authentication is denied until: "
msgstr ""
-#: src/sss_client/pam_sss.c:765
+#: src/sss_client/pam_sss.c:761
msgid "System is offline, password change not possible"
msgstr ""
-#: src/sss_client/pam_sss.c:795 src/sss_client/pam_sss.c:808
+#: src/sss_client/pam_sss.c:791 src/sss_client/pam_sss.c:804
msgid "Password change failed. "
msgstr ""
-#: src/sss_client/pam_sss.c:798 src/sss_client/pam_sss.c:809
+#: src/sss_client/pam_sss.c:794 src/sss_client/pam_sss.c:805
msgid "Server message: "
msgstr ""
-#: src/sss_client/pam_sss.c:1212
+#: src/sss_client/pam_sss.c:1208
msgid "New Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1213
+#: src/sss_client/pam_sss.c:1209
msgid "Reenter new Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1295
+#: src/sss_client/pam_sss.c:1291
msgid "Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1327
+#: src/sss_client/pam_sss.c:1323
msgid "Current Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1473
+#: src/sss_client/pam_sss.c:1469
msgid "Password expired. Change your password now."
msgstr ""
@@ -1126,6 +1174,6 @@ msgstr ""
msgid "%s must be run as root\n"
msgstr ""
-#: src/util/util.h:67
+#: src/util/util.h:69
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/nl.po b/po/nl.po
index c0b468bce..e19a6c755 100644
--- a/po/nl.po
+++ b/po/nl.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sssd.master.sss_daemon\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-04-27 11:41-0400\n"
+"POT-Creation-Date: 2011-08-02 15:55-0400\n"
"PO-Revision-Date: 2009-11-19 12:19+0100\n"
"Last-Translator: Richard van der Luit <nippur@fedoraproject.org>\n"
"Language-Team: Dutch <nl@li.org>\n"
@@ -90,552 +90,600 @@ msgstr ""
msgid "The value of the password field the NSS provider should return"
msgstr ""
+#: src/config/SSSDConfig.py:61
+msgid "Override homedir value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:62
+msgid "The list of shells users are allowed to log in with"
+msgstr ""
+
#: src/config/SSSDConfig.py:63
-msgid "How long to allow cached logins between online logins (days)"
+msgid ""
+"The list of shells that will be vetoed, and replaced with the fallback shell"
msgstr ""
#: src/config/SSSDConfig.py:64
+msgid ""
+"If a shell stored in central directory is allowed but not available, use "
+"this fallback"
+msgstr ""
+
+#: src/config/SSSDConfig.py:67
+msgid "How long to allow cached logins between online logins (days)"
+msgstr ""
+
+#: src/config/SSSDConfig.py:68
msgid "How many failed logins attempts are allowed when offline"
msgstr ""
-#: src/config/SSSDConfig.py:65
+#: src/config/SSSDConfig.py:69
msgid ""
"How long (minutes) to deny login after offline_failed_login_attempts has "
"been reached"
msgstr ""
-#: src/config/SSSDConfig.py:66
+#: src/config/SSSDConfig.py:70
msgid "What kind of messages are displayed to the user during authentication"
msgstr ""
-#: src/config/SSSDConfig.py:67
+#: src/config/SSSDConfig.py:71
msgid "How many seconds to keep identity information cached for PAM requests"
msgstr ""
-#: src/config/SSSDConfig.py:68
+#: src/config/SSSDConfig.py:72
msgid "How many days before password expiration a warning should be displayed"
msgstr ""
-#: src/config/SSSDConfig.py:71
+#: src/config/SSSDConfig.py:75
msgid "Identity provider"
msgstr ""
-#: src/config/SSSDConfig.py:72
+#: src/config/SSSDConfig.py:76
msgid "Authentication provider"
msgstr ""
-#: src/config/SSSDConfig.py:73
+#: src/config/SSSDConfig.py:77
msgid "Access control provider"
msgstr ""
-#: src/config/SSSDConfig.py:74
+#: src/config/SSSDConfig.py:78
msgid "Password change provider"
msgstr ""
-#: src/config/SSSDConfig.py:77
+#: src/config/SSSDConfig.py:81
msgid "Minimum user ID"
msgstr ""
-#: src/config/SSSDConfig.py:78
+#: src/config/SSSDConfig.py:82
msgid "Maximum user ID"
msgstr ""
-#: src/config/SSSDConfig.py:79
+#: src/config/SSSDConfig.py:83
msgid "Enable enumerating all users/groups"
msgstr ""
-#: src/config/SSSDConfig.py:80
+#: src/config/SSSDConfig.py:84
msgid "Cache credentials for offline login"
msgstr ""
-#: src/config/SSSDConfig.py:81
+#: src/config/SSSDConfig.py:85
msgid "Store password hashes"
msgstr ""
-#: src/config/SSSDConfig.py:82
+#: src/config/SSSDConfig.py:86
msgid "Display users/groups in fully-qualified form"
msgstr ""
-#: src/config/SSSDConfig.py:83
+#: src/config/SSSDConfig.py:87
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig.py:84
+#: src/config/SSSDConfig.py:88
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig.py:85
+#: src/config/SSSDConfig.py:89
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig.py:86
+#: src/config/SSSDConfig.py:90
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig.py:87
+#: src/config/SSSDConfig.py:91
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig.py:90
+#: src/config/SSSDConfig.py:92
+msgid "Override GID value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:95
msgid "IPA domain"
msgstr ""
-#: src/config/SSSDConfig.py:91
+#: src/config/SSSDConfig.py:96
msgid "IPA server address"
msgstr ""
-#: src/config/SSSDConfig.py:92
+#: src/config/SSSDConfig.py:97
msgid "IPA client hostname"
msgstr ""
-#: src/config/SSSDConfig.py:93
+#: src/config/SSSDConfig.py:98
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig.py:94
+#: src/config/SSSDConfig.py:99
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig.py:95
+#: src/config/SSSDConfig.py:100
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig.py:98 src/config/SSSDConfig.py:99
+#: src/config/SSSDConfig.py:101
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig.py:102
+msgid "If DENY rules are present, either DENY_ALL or IGNORE"
+msgstr ""
+
+#: src/config/SSSDConfig.py:105 src/config/SSSDConfig.py:106
msgid "Kerberos server address"
msgstr ""
-#: src/config/SSSDConfig.py:100
+#: src/config/SSSDConfig.py:107
msgid "Kerberos realm"
msgstr ""
-#: src/config/SSSDConfig.py:101
+#: src/config/SSSDConfig.py:108
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig.py:104
+#: src/config/SSSDConfig.py:111
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig.py:105
+#: src/config/SSSDConfig.py:112
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig.py:106
+#: src/config/SSSDConfig.py:113
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig.py:107
+#: src/config/SSSDConfig.py:114
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig.py:108
+#: src/config/SSSDConfig.py:115
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig.py:109
+#: src/config/SSSDConfig.py:116
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig.py:110
+#: src/config/SSSDConfig.py:117
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig.py:111
+#: src/config/SSSDConfig.py:118
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig.py:112
+#: src/config/SSSDConfig.py:119
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig.py:115
+#: src/config/SSSDConfig.py:122
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig.py:118
+#: src/config/SSSDConfig.py:125
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig.py:119
+#: src/config/SSSDConfig.py:126
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig.py:120
+#: src/config/SSSDConfig.py:127
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig.py:121
+#: src/config/SSSDConfig.py:128
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig.py:122
+#: src/config/SSSDConfig.py:129
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig.py:123
+#: src/config/SSSDConfig.py:130
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig.py:124
+#: src/config/SSSDConfig.py:131
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig.py:125
+#: src/config/SSSDConfig.py:132
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig.py:126
+#: src/config/SSSDConfig.py:133
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig.py:127
+#: src/config/SSSDConfig.py:134
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig.py:128
+#: src/config/SSSDConfig.py:135
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig.py:129
+#: src/config/SSSDConfig.py:136
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig.py:130
+#: src/config/SSSDConfig.py:137
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig.py:131
+#: src/config/SSSDConfig.py:138
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig.py:132
+#: src/config/SSSDConfig.py:139
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig.py:133
+#: src/config/SSSDConfig.py:140
msgid "Require TLS certificate verification"
msgstr ""
-#: src/config/SSSDConfig.py:134
+#: src/config/SSSDConfig.py:141
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig.py:135
+#: src/config/SSSDConfig.py:142
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig.py:136
+#: src/config/SSSDConfig.py:143
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig.py:137
+#: src/config/SSSDConfig.py:144
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig.py:138
+#: src/config/SSSDConfig.py:145
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig.py:139
+#: src/config/SSSDConfig.py:146
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig.py:140
+#: src/config/SSSDConfig.py:147
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig.py:141
+#: src/config/SSSDConfig.py:148
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig.py:142
+#: src/config/SSSDConfig.py:149
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig.py:143
+#: src/config/SSSDConfig.py:150
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig.py:145
+#: src/config/SSSDConfig.py:151
+msgid "The number of members that must be missing to trigger a full deref"
+msgstr ""
+
+#: src/config/SSSDConfig.py:153
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig.py:146
+#: src/config/SSSDConfig.py:154
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig.py:149
+#: src/config/SSSDConfig.py:157
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig.py:150
+#: src/config/SSSDConfig.py:158
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig.py:151
+#: src/config/SSSDConfig.py:159
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig.py:152
+#: src/config/SSSDConfig.py:160
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig.py:153
+#: src/config/SSSDConfig.py:161
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig.py:154
+#: src/config/SSSDConfig.py:162
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig.py:155
+#: src/config/SSSDConfig.py:163
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig.py:156
+#: src/config/SSSDConfig.py:164
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig.py:157
+#: src/config/SSSDConfig.py:165
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig.py:158
+#: src/config/SSSDConfig.py:166
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig.py:160
+#: src/config/SSSDConfig.py:168
msgid "UID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:161
+#: src/config/SSSDConfig.py:169
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:162
+#: src/config/SSSDConfig.py:170
msgid "GECOS attribute"
msgstr ""
-#: src/config/SSSDConfig.py:163
+#: src/config/SSSDConfig.py:171
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig.py:164
+#: src/config/SSSDConfig.py:172
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig.py:165
+#: src/config/SSSDConfig.py:173
msgid "UUID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:166
+#: src/config/SSSDConfig.py:174
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig.py:167
+#: src/config/SSSDConfig.py:175
msgid "Full Name"
msgstr ""
-#: src/config/SSSDConfig.py:168
+#: src/config/SSSDConfig.py:176
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig.py:169
+#: src/config/SSSDConfig.py:177
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig.py:171
+#: src/config/SSSDConfig.py:179
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig.py:172
+#: src/config/SSSDConfig.py:180
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig.py:173
+#: src/config/SSSDConfig.py:181
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig.py:174
+#: src/config/SSSDConfig.py:182
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig.py:175
+#: src/config/SSSDConfig.py:183
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig.py:176
+#: src/config/SSSDConfig.py:184
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig.py:177
+#: src/config/SSSDConfig.py:185
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig.py:178
+#: src/config/SSSDConfig.py:186
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig.py:179
+#: src/config/SSSDConfig.py:187
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig.py:180
+#: src/config/SSSDConfig.py:188
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig.py:181
+#: src/config/SSSDConfig.py:189
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig.py:182
+#: src/config/SSSDConfig.py:190
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig.py:183
+#: src/config/SSSDConfig.py:191
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig.py:184
+#: src/config/SSSDConfig.py:192
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig.py:185
+#: src/config/SSSDConfig.py:193
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig.py:187
+#: src/config/SSSDConfig.py:194
+msgid "loginDisabled attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig.py:195
+msgid "loginExpirationTime attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig.py:196
+msgid "loginAllowedTimeMap attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig.py:198
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig.py:190
+#: src/config/SSSDConfig.py:201
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig.py:191
+#: src/config/SSSDConfig.py:202
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig.py:192
+#: src/config/SSSDConfig.py:203
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig.py:193
+#: src/config/SSSDConfig.py:204
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:194
+#: src/config/SSSDConfig.py:205
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig.py:195
+#: src/config/SSSDConfig.py:206
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:196
+#: src/config/SSSDConfig.py:207
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig.py:198
+#: src/config/SSSDConfig.py:209
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig.py:200
+#: src/config/SSSDConfig.py:211
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig.py:201
+#: src/config/SSSDConfig.py:212
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig.py:202
+#: src/config/SSSDConfig.py:213
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig.py:203
+#: src/config/SSSDConfig.py:214
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig.py:204
+#: src/config/SSSDConfig.py:215
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig.py:205
+#: src/config/SSSDConfig.py:216
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:206
+#: src/config/SSSDConfig.py:217
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig.py:209
+#: src/config/SSSDConfig.py:220
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig.py:212
+#: src/config/SSSDConfig.py:223
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig.py:213
+#: src/config/SSSDConfig.py:224
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig.py:214
+#: src/config/SSSDConfig.py:225
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig.py:217
+#: src/config/SSSDConfig.py:228
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig.py:218
+#: src/config/SSSDConfig.py:229
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig.py:221
+#: src/config/SSSDConfig.py:232
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig.py:222
+#: src/config/SSSDConfig.py:233
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig.py:225
+#: src/config/SSSDConfig.py:236
msgid "Default shell, /bin/bash"
msgstr ""
-#: src/config/SSSDConfig.py:226
+#: src/config/SSSDConfig.py:237
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig.py:229
+#: src/config/SSSDConfig.py:240
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig.py:232
+#: src/config/SSSDConfig.py:243
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2245
+#: src/monitor/monitor.c:2316
msgid "Become a daemon (default)"
msgstr ""
-#: src/monitor/monitor.c:2247
+#: src/monitor/monitor.c:2318
msgid "Run interactive (not a daemon)"
msgstr ""
-#: src/monitor/monitor.c:2249
+#: src/monitor/monitor.c:2320
msgid "Specify a non-default config file"
msgstr ""
#: src/providers/krb5/krb5_child.c:1554 src/providers/ldap/ldap_child.c:360
-#: src/util/util.h:65
+#: src/util/util.h:67
msgid "Debug level"
msgstr ""
#: src/providers/krb5/krb5_child.c:1556 src/providers/ldap/ldap_child.c:362
-#: src/util/util.h:69
+#: src/util/util.h:71
msgid "Add debug timestamps"
msgstr ""
@@ -643,95 +691,95 @@ msgstr ""
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:1226
+#: src/providers/data_provider_be.c:1196
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:820
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:825
+#: src/sss_client/common.c:823
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:826
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:831
+#: src/sss_client/common.c:829
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:836
+#: src/sss_client/common.c:834
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:842
+#: src/sss_client/common.c:840
msgid "Unexpected error while looking for an error description"
msgstr ""
-#: src/sss_client/pam_sss.c:378
+#: src/sss_client/pam_sss.c:374
msgid "Passwords do not match"
msgstr "Wachtwoorden komen niet overeen"
-#: src/sss_client/pam_sss.c:571
+#: src/sss_client/pam_sss.c:567
msgid "Password reset by root is not supported."
msgstr ""
-#: src/sss_client/pam_sss.c:612
+#: src/sss_client/pam_sss.c:608
msgid "Authenticated with cached credentials"
msgstr ""
-#: src/sss_client/pam_sss.c:613
+#: src/sss_client/pam_sss.c:609
msgid ", your cached password will expire at: "
msgstr ""
-#: src/sss_client/pam_sss.c:643
+#: src/sss_client/pam_sss.c:639
#, c-format
msgid "Your password has expired. You have %d grace login(s) remaining."
msgstr ""
-#: src/sss_client/pam_sss.c:689
+#: src/sss_client/pam_sss.c:685
#, fuzzy, c-format
msgid "Your password will expire in %d %s."
msgstr "Wachtwoord is verlopen."
-#: src/sss_client/pam_sss.c:738
+#: src/sss_client/pam_sss.c:734
msgid "Authentication is denied until: "
msgstr ""
-#: src/sss_client/pam_sss.c:765
+#: src/sss_client/pam_sss.c:761
msgid "System is offline, password change not possible"
msgstr ""
-#: src/sss_client/pam_sss.c:795 src/sss_client/pam_sss.c:808
+#: src/sss_client/pam_sss.c:791 src/sss_client/pam_sss.c:804
#, fuzzy
msgid "Password change failed. "
msgstr "Wachtwoord is verlopen."
-#: src/sss_client/pam_sss.c:798 src/sss_client/pam_sss.c:809
+#: src/sss_client/pam_sss.c:794 src/sss_client/pam_sss.c:805
msgid "Server message: "
msgstr ""
-#: src/sss_client/pam_sss.c:1212
+#: src/sss_client/pam_sss.c:1208
msgid "New Password: "
msgstr "Nieuw Wachtwoord: "
-#: src/sss_client/pam_sss.c:1213
+#: src/sss_client/pam_sss.c:1209
msgid "Reenter new Password: "
msgstr "Voer nieuw wachtwoord nogmaals in: "
-#: src/sss_client/pam_sss.c:1295
+#: src/sss_client/pam_sss.c:1291
msgid "Password: "
msgstr "Wachtwoord: "
-#: src/sss_client/pam_sss.c:1327
+#: src/sss_client/pam_sss.c:1323
#, fuzzy
msgid "Current Password: "
msgstr "Nieuw Wachtwoord: "
-#: src/sss_client/pam_sss.c:1473
+#: src/sss_client/pam_sss.c:1469
msgid "Password expired. Change your password now."
msgstr ""
@@ -1129,6 +1177,6 @@ msgstr ""
msgid "%s must be run as root\n"
msgstr ""
-#: src/util/util.h:67
+#: src/util/util.h:69
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/pl.po b/po/pl.po
index 3c2f56095..ee82354d9 100644
--- a/po/pl.po
+++ b/po/pl.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-04-27 11:41-0400\n"
+"POT-Creation-Date: 2011-08-02 15:55-0400\n"
"PO-Revision-Date: 2011-03-08 15:07+0000\n"
"Last-Translator: sgallagh <sgallagh@redhat.com>\n"
"Language-Team: Polish <None>\n"
@@ -90,17 +90,36 @@ msgstr "Czy filtrowani użytkownicy powinni pojawiać się w grupach"
msgid "The value of the password field the NSS provider should return"
msgstr "Wartość pola hasła, jaką dostawca NSS powinien zwrócić"
+#: src/config/SSSDConfig.py:61
+msgid "Override homedir value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:62
+msgid "The list of shells users are allowed to log in with"
+msgstr ""
+
#: src/config/SSSDConfig.py:63
+msgid ""
+"The list of shells that will be vetoed, and replaced with the fallback shell"
+msgstr ""
+
+#: src/config/SSSDConfig.py:64
+msgid ""
+"If a shell stored in central directory is allowed but not available, use "
+"this fallback"
+msgstr ""
+
+#: src/config/SSSDConfig.py:67
msgid "How long to allow cached logins between online logins (days)"
msgstr ""
"Jak długo umożliwiać logowania w pamięci podręcznej między logowaniami w "
"trybie online (dni)"
-#: src/config/SSSDConfig.py:64
+#: src/config/SSSDConfig.py:68
msgid "How many failed logins attempts are allowed when offline"
msgstr "Ile nieudanych prób zalogowania jest dozwolonych w trybie offline"
-#: src/config/SSSDConfig.py:65
+#: src/config/SSSDConfig.py:69
msgid ""
"How long (minutes) to deny login after offline_failed_login_attempts has "
"been reached"
@@ -108,557 +127,588 @@ msgstr ""
"Ile czasu (minut) nie pozwalać na zalogowanie po osiągnięciu "
"offline_failed_login_attempts"
-#: src/config/SSSDConfig.py:66
+#: src/config/SSSDConfig.py:70
msgid "What kind of messages are displayed to the user during authentication"
msgstr ""
"Jaki rodzaj komunikatów wyświetlać użytkownikowi podczas uwierzytelniania"
-#: src/config/SSSDConfig.py:67
+#: src/config/SSSDConfig.py:71
msgid "How many seconds to keep identity information cached for PAM requests"
msgstr ""
"Ile sekund zatrzymać informacje o tożsamości w pamięci podręcznej dla żądań "
"PAM"
-#: src/config/SSSDConfig.py:68
+#: src/config/SSSDConfig.py:72
msgid "How many days before password expiration a warning should be displayed"
msgstr "Ile dni przed wygaśnięciem hasła wyświetlić ostrzeżenie"
-#: src/config/SSSDConfig.py:71
+#: src/config/SSSDConfig.py:75
msgid "Identity provider"
msgstr "Dostawca tożsamości"
-#: src/config/SSSDConfig.py:72
+#: src/config/SSSDConfig.py:76
msgid "Authentication provider"
msgstr "Dostawca uwierzytelniania"
-#: src/config/SSSDConfig.py:73
+#: src/config/SSSDConfig.py:77
msgid "Access control provider"
msgstr "Dostawca kontroli dostępu"
-#: src/config/SSSDConfig.py:74
+#: src/config/SSSDConfig.py:78
msgid "Password change provider"
msgstr "Dostawca zmiany hasła"
-#: src/config/SSSDConfig.py:77
+#: src/config/SSSDConfig.py:81
msgid "Minimum user ID"
msgstr "Minimalny identyfikator użytkownika"
-#: src/config/SSSDConfig.py:78
+#: src/config/SSSDConfig.py:82
msgid "Maximum user ID"
msgstr "Maksymalny identyfikator użytkownika"
-#: src/config/SSSDConfig.py:79
+#: src/config/SSSDConfig.py:83
msgid "Enable enumerating all users/groups"
msgstr "Włącza wyliczanie wszystkich użytkowników/grup"
-#: src/config/SSSDConfig.py:80
+#: src/config/SSSDConfig.py:84
msgid "Cache credentials for offline login"
msgstr "Dane uwierzytelniające pamięci podręcznej dla logowań w trybie offline"
-#: src/config/SSSDConfig.py:81
+#: src/config/SSSDConfig.py:85
msgid "Store password hashes"
msgstr "Przechowuje mieszanie haseł"
-#: src/config/SSSDConfig.py:82
+#: src/config/SSSDConfig.py:86
msgid "Display users/groups in fully-qualified form"
msgstr "Wyświetla użytkowników/grupy w pełnej formie"
-#: src/config/SSSDConfig.py:83
+#: src/config/SSSDConfig.py:87
msgid "Entry cache timeout length (seconds)"
msgstr "Czas oczekiwania pamięci podręcznej wpisów (sekundy)"
-#: src/config/SSSDConfig.py:84
+#: src/config/SSSDConfig.py:88
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
"Ogranicza lub preferuje podaną rodzinę adresów podczas wykonywania "
"wyszukiwań DNS"
-#: src/config/SSSDConfig.py:85
+#: src/config/SSSDConfig.py:89
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
"Jak długo utrzymywać wpisy logowania w pamięci podręcznej po ostatnim udanym "
"zalogowaniu (dni)"
-#: src/config/SSSDConfig.py:86
+#: src/config/SSSDConfig.py:90
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
"Jak długo czekać na odpowiedzi od serwera DNS podczas rozwiązywania serwerów "
"(sekundy)"
-#: src/config/SSSDConfig.py:87
+#: src/config/SSSDConfig.py:91
msgid "The domain part of service discovery DNS query"
msgstr "Część domeny zapytania DNS wykrywania usługi"
-#: src/config/SSSDConfig.py:90
+#: src/config/SSSDConfig.py:92
+msgid "Override GID value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:95
msgid "IPA domain"
msgstr "Domena IPA"
-#: src/config/SSSDConfig.py:91
+#: src/config/SSSDConfig.py:96
msgid "IPA server address"
msgstr "Adres serwera IPA"
-#: src/config/SSSDConfig.py:92
+#: src/config/SSSDConfig.py:97
msgid "IPA client hostname"
msgstr "Nazwa komputera klienta IPA"
-#: src/config/SSSDConfig.py:93
+#: src/config/SSSDConfig.py:98
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
"Czy automatycznie aktualizować wpis DNS klienta w oprogramowaniu FreeIPA"
-#: src/config/SSSDConfig.py:94
+#: src/config/SSSDConfig.py:99
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
"Interfejs, którego adres IP powinien być używany do dynamicznych "
"aktualizacji DNS"
-#: src/config/SSSDConfig.py:95
+#: src/config/SSSDConfig.py:100
msgid "Search base for HBAC related objects"
msgstr "Wyszukiwanie podstawy pod kątem obiektów związanych z HBAC"
-#: src/config/SSSDConfig.py:98 src/config/SSSDConfig.py:99
+#: src/config/SSSDConfig.py:101
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig.py:102
+msgid "If DENY rules are present, either DENY_ALL or IGNORE"
+msgstr ""
+
+#: src/config/SSSDConfig.py:105 src/config/SSSDConfig.py:106
msgid "Kerberos server address"
msgstr "Adres serwera Kerberos"
-#: src/config/SSSDConfig.py:100
+#: src/config/SSSDConfig.py:107
msgid "Kerberos realm"
msgstr "Obszar Kerberos"
-#: src/config/SSSDConfig.py:101
+#: src/config/SSSDConfig.py:108
msgid "Authentication timeout"
msgstr "Czas oczekiwania na uwierzytelnienie"
-#: src/config/SSSDConfig.py:104
+#: src/config/SSSDConfig.py:111
msgid "Directory to store credential caches"
msgstr ""
"Katalog do przechowywania pamięci podręcznych danych uwierzytelniających"
-#: src/config/SSSDConfig.py:105
+#: src/config/SSSDConfig.py:112
msgid "Location of the user's credential cache"
msgstr "Położenie pamięci podręcznej danych uwierzytelniających użytkownika"
-#: src/config/SSSDConfig.py:106
+#: src/config/SSSDConfig.py:113
msgid "Location of the keytab to validate credentials"
msgstr "Położenie tablicy kluczy do sprawdzania danych uwierzytelniających"
-#: src/config/SSSDConfig.py:107
+#: src/config/SSSDConfig.py:114
msgid "Enable credential validation"
msgstr "Włącza sprawdzanie danych uwierzytelniających"
-#: src/config/SSSDConfig.py:108
+#: src/config/SSSDConfig.py:115
msgid "Store password if offline for later online authentication"
msgstr ""
"Przechowuje hasło, jeśli w trybie offline do późniejszego uwierzytelnienia w "
"trybie online"
-#: src/config/SSSDConfig.py:109
+#: src/config/SSSDConfig.py:116
msgid "Renewable lifetime of the TGT"
msgstr "Odnawialny czas trwania TGT"
-#: src/config/SSSDConfig.py:110
+#: src/config/SSSDConfig.py:117
msgid "Lifetime of the TGT"
msgstr "Czas trwania TGT"
-#: src/config/SSSDConfig.py:111
+#: src/config/SSSDConfig.py:118
msgid "Time between two checks for renewal"
msgstr "Czas między dwoma sprawdzaniami odnowy"
-#: src/config/SSSDConfig.py:112
+#: src/config/SSSDConfig.py:119
msgid "Enables FAST"
msgstr "Włącza FAST"
-#: src/config/SSSDConfig.py:115
+#: src/config/SSSDConfig.py:122
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"Serwer, w którym jest uruchomiona usługa zmiany haseł, jeśli nie znajduje "
"się w KDC"
-#: src/config/SSSDConfig.py:118
+#: src/config/SSSDConfig.py:125
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, adres URI serwera LDAP"
-#: src/config/SSSDConfig.py:119
+#: src/config/SSSDConfig.py:126
msgid "The default base DN"
msgstr "Domyślna podstawowa DN"
-#: src/config/SSSDConfig.py:120
+#: src/config/SSSDConfig.py:127
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Typ Schema do użycia na serwerze LDAP, RFC2307"
-#: src/config/SSSDConfig.py:121
+#: src/config/SSSDConfig.py:128
msgid "The default bind DN"
msgstr "Domyślne DN dowiązania"
-#: src/config/SSSDConfig.py:122
+#: src/config/SSSDConfig.py:129
msgid "The type of the authentication token of the default bind DN"
msgstr "Typ tokenu uwierzytelniania domyślnego DN dowiązania"
-#: src/config/SSSDConfig.py:123
+#: src/config/SSSDConfig.py:130
msgid "The authentication token of the default bind DN"
msgstr "Token uwierzytelniania domyślnego DN dowiązania"
-#: src/config/SSSDConfig.py:124
+#: src/config/SSSDConfig.py:131
msgid "Length of time to attempt connection"
msgstr "Czas do próby połączenia"
-#: src/config/SSSDConfig.py:125
+#: src/config/SSSDConfig.py:132
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Czas do próby synchronicznych działań LDAP"
-#: src/config/SSSDConfig.py:126
+#: src/config/SSSDConfig.py:133
msgid "Length of time between attempts to reconnect while offline"
msgstr "Czas między próbami ponownego połączenia w trybie offline"
-#: src/config/SSSDConfig.py:127
+#: src/config/SSSDConfig.py:134
msgid "Use only the upper case for realm names"
msgstr "Użycie tylko małych znaków w nazwach obszarów"
-#: src/config/SSSDConfig.py:128
+#: src/config/SSSDConfig.py:135
msgid "File that contains CA certificates"
msgstr "Plik zawierający certyfikaty CA"
-#: src/config/SSSDConfig.py:129
+#: src/config/SSSDConfig.py:136
msgid "Path to CA certificate directory"
msgstr "Ścieżka do katalogu certyfikatów CA"
-#: src/config/SSSDConfig.py:130
+#: src/config/SSSDConfig.py:137
msgid "File that contains the client certificate"
msgstr "Plik zawierający certyfikat klienta"
-#: src/config/SSSDConfig.py:131
+#: src/config/SSSDConfig.py:138
msgid "File that contains the client key"
msgstr "Plik zawierający klucz klienta"
-#: src/config/SSSDConfig.py:132
+#: src/config/SSSDConfig.py:139
msgid "List of possible ciphers suites"
msgstr "Lista możliwych zestawów szyfrów"
-#: src/config/SSSDConfig.py:133
+#: src/config/SSSDConfig.py:140
msgid "Require TLS certificate verification"
msgstr "Wymaga sprawdzenia certyfikatu TLS"
-#: src/config/SSSDConfig.py:134
+#: src/config/SSSDConfig.py:141
msgid "Specify the sasl mechanism to use"
msgstr "Podaje używany mechanizm SASL"
-#: src/config/SSSDConfig.py:135
+#: src/config/SSSDConfig.py:142
msgid "Specify the sasl authorization id to use"
msgstr "Podaje używany identyfikator upoważnienia SASL"
-#: src/config/SSSDConfig.py:136
+#: src/config/SSSDConfig.py:143
#, fuzzy
msgid "Specify the sasl authorization realm to use"
msgstr "Podaje używany identyfikator upoważnienia SASL"
-#: src/config/SSSDConfig.py:137
+#: src/config/SSSDConfig.py:144
msgid "Kerberos service keytab"
msgstr "Tablica kluczy usługi Kerberos"
-#: src/config/SSSDConfig.py:138
+#: src/config/SSSDConfig.py:145
msgid "Use Kerberos auth for LDAP connection"
msgstr "Używa uwierzytelniania Kerberos dla połączenia LDAP"
-#: src/config/SSSDConfig.py:139
+#: src/config/SSSDConfig.py:146
msgid "Follow LDAP referrals"
msgstr "Podąża za odsyłaniami LDAP"
-#: src/config/SSSDConfig.py:140
+#: src/config/SSSDConfig.py:147
msgid "Lifetime of TGT for LDAP connection"
msgstr "Czas trwania TGT dla połączenia LDAP"
-#: src/config/SSSDConfig.py:141
+#: src/config/SSSDConfig.py:148
msgid "How to dereference aliases"
msgstr "Jak wskazywać aliasy"
-#: src/config/SSSDConfig.py:142
+#: src/config/SSSDConfig.py:149
msgid "Service name for DNS service lookups"
msgstr "Nazwa usługi do wyszukiwań usługi DNS"
-#: src/config/SSSDConfig.py:143
+#: src/config/SSSDConfig.py:150
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig.py:145
+#: src/config/SSSDConfig.py:151
+msgid "The number of members that must be missing to trigger a full deref"
+msgstr ""
+
+#: src/config/SSSDConfig.py:153
msgid "entryUSN attribute"
msgstr "Atrybut entryUSN"
-#: src/config/SSSDConfig.py:146
+#: src/config/SSSDConfig.py:154
msgid "lastUSN attribute"
msgstr "Atrybut lastUSN"
-#: src/config/SSSDConfig.py:149
+#: src/config/SSSDConfig.py:157
msgid "Length of time to wait for a search request"
msgstr "Czas oczekiwania na żądanie wyszukiwania"
-#: src/config/SSSDConfig.py:150
+#: src/config/SSSDConfig.py:158
msgid "Length of time to wait for a enumeration request"
msgstr "Czas oczekiwania na żądanie wyliczenia"
-#: src/config/SSSDConfig.py:151
+#: src/config/SSSDConfig.py:159
msgid "Length of time between enumeration updates"
msgstr "Czas między aktualizacjami wyliczania"
-#: src/config/SSSDConfig.py:152
+#: src/config/SSSDConfig.py:160
msgid "Length of time between cache cleanups"
msgstr "Czas między czyszczeniem pamięci podręcznej"
-#: src/config/SSSDConfig.py:153
+#: src/config/SSSDConfig.py:161
msgid "Require TLS for ID lookups"
msgstr "Wymaga TLS dla wyszukiwania identyfikatorów"
-#: src/config/SSSDConfig.py:154
+#: src/config/SSSDConfig.py:162
msgid "Base DN for user lookups"
msgstr "Podstawowe DN dla wyszukiwania użytkowników"
-#: src/config/SSSDConfig.py:155
+#: src/config/SSSDConfig.py:163
msgid "Scope of user lookups"
msgstr "Zakres wyszukiwania użytkowników"
-#: src/config/SSSDConfig.py:156
+#: src/config/SSSDConfig.py:164
msgid "Filter for user lookups"
msgstr "Filtruje wyszukiwania użytkowników"
-#: src/config/SSSDConfig.py:157
+#: src/config/SSSDConfig.py:165
msgid "Objectclass for users"
msgstr "Klasa obiektów dla użytkowników"
-#: src/config/SSSDConfig.py:158
+#: src/config/SSSDConfig.py:166
msgid "Username attribute"
msgstr "Atrybut nazwy użytkownika"
-#: src/config/SSSDConfig.py:160
+#: src/config/SSSDConfig.py:168
msgid "UID attribute"
msgstr "Atrybut UID"
-#: src/config/SSSDConfig.py:161
+#: src/config/SSSDConfig.py:169
msgid "Primary GID attribute"
msgstr "Pierwszy atrybut GID"
-#: src/config/SSSDConfig.py:162
+#: src/config/SSSDConfig.py:170
msgid "GECOS attribute"
msgstr "Atrybut GECOS"
-#: src/config/SSSDConfig.py:163
+#: src/config/SSSDConfig.py:171
msgid "Home directory attribute"
msgstr "Atrybut katalogu domowego"
-#: src/config/SSSDConfig.py:164
+#: src/config/SSSDConfig.py:172
msgid "Shell attribute"
msgstr "Atrybut powłoki"
-#: src/config/SSSDConfig.py:165
+#: src/config/SSSDConfig.py:173
msgid "UUID attribute"
msgstr "Atrybut UUID"
-#: src/config/SSSDConfig.py:166
+#: src/config/SSSDConfig.py:174
msgid "User principal attribute (for Kerberos)"
msgstr "Atrybut głównego użytkownika (dla Kerberos)"
-#: src/config/SSSDConfig.py:167
+#: src/config/SSSDConfig.py:175
msgid "Full Name"
msgstr "Imię i nazwisko"
-#: src/config/SSSDConfig.py:168
+#: src/config/SSSDConfig.py:176
msgid "memberOf attribute"
msgstr "Atrybut memberOf"
-#: src/config/SSSDConfig.py:169
+#: src/config/SSSDConfig.py:177
msgid "Modification time attribute"
msgstr "Atrybut czasu modyfikacji"
-#: src/config/SSSDConfig.py:171
+#: src/config/SSSDConfig.py:179
msgid "shadowLastChange attribute"
msgstr "Atrybut shadowLastChange"
-#: src/config/SSSDConfig.py:172
+#: src/config/SSSDConfig.py:180
msgid "shadowMin attribute"
msgstr "Atrybut shadowMin"
-#: src/config/SSSDConfig.py:173
+#: src/config/SSSDConfig.py:181
msgid "shadowMax attribute"
msgstr "Atrybut shadowMax"
-#: src/config/SSSDConfig.py:174
+#: src/config/SSSDConfig.py:182
msgid "shadowWarning attribute"
msgstr "Atrybut shadowWarning"
-#: src/config/SSSDConfig.py:175
+#: src/config/SSSDConfig.py:183
msgid "shadowInactive attribute"
msgstr "Atrybut shadowInactive"
-#: src/config/SSSDConfig.py:176
+#: src/config/SSSDConfig.py:184
msgid "shadowExpire attribute"
msgstr "Atrybut shadowExpire"
-#: src/config/SSSDConfig.py:177
+#: src/config/SSSDConfig.py:185
msgid "shadowFlag attribute"
msgstr "Atrybut shadowFlag"
-#: src/config/SSSDConfig.py:178
+#: src/config/SSSDConfig.py:186
msgid "Attribute listing authorized PAM services"
msgstr "Atrybut zawierający listę upoważnionych usług PAM"
-#: src/config/SSSDConfig.py:179
+#: src/config/SSSDConfig.py:187
#, fuzzy
msgid "Attribute listing authorized server hosts"
msgstr "Atrybut zawierający listę upoważnionych usług PAM"
-#: src/config/SSSDConfig.py:180
+#: src/config/SSSDConfig.py:188
msgid "krbLastPwdChange attribute"
msgstr "Atrybut krbLastPwdChange"
-#: src/config/SSSDConfig.py:181
+#: src/config/SSSDConfig.py:189
msgid "krbPasswordExpiration attribute"
msgstr "Atrybut krbPasswordExpiration"
-#: src/config/SSSDConfig.py:182
+#: src/config/SSSDConfig.py:190
msgid "Attribute indicating that server side password policies are active"
msgstr "Atrybut wskazujący, czy polityki haseł po stronie serwera są aktywne"
-#: src/config/SSSDConfig.py:183
+#: src/config/SSSDConfig.py:191
msgid "accountExpires attribute of AD"
msgstr "Atrybut accountExpires AD"
-#: src/config/SSSDConfig.py:184
+#: src/config/SSSDConfig.py:192
msgid "userAccountControl attribute of AD"
msgstr "Atrybut userAccountControl AD"
-#: src/config/SSSDConfig.py:185
+#: src/config/SSSDConfig.py:193
msgid "nsAccountLock attribute"
msgstr "Atrybut nsAccountLock"
-#: src/config/SSSDConfig.py:187
+#: src/config/SSSDConfig.py:194
+#, fuzzy
+msgid "loginDisabled attribute of NDS"
+msgstr "Atrybut accountExpires AD"
+
+#: src/config/SSSDConfig.py:195
+#, fuzzy
+msgid "loginExpirationTime attribute of NDS"
+msgstr "Atrybut accountExpires AD"
+
+#: src/config/SSSDConfig.py:196
+msgid "loginAllowedTimeMap attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig.py:198
msgid "Base DN for group lookups"
msgstr "Podstawowe DN dla wyszukiwania grup"
-#: src/config/SSSDConfig.py:190
+#: src/config/SSSDConfig.py:201
msgid "Objectclass for groups"
msgstr "Klasa obiektów dla grup"
-#: src/config/SSSDConfig.py:191
+#: src/config/SSSDConfig.py:202
msgid "Group name"
msgstr "Nazwa grupy"
-#: src/config/SSSDConfig.py:192
+#: src/config/SSSDConfig.py:203
msgid "Group password"
msgstr "Hasło grupy"
-#: src/config/SSSDConfig.py:193
+#: src/config/SSSDConfig.py:204
msgid "GID attribute"
msgstr "Atrybut GID"
-#: src/config/SSSDConfig.py:194
+#: src/config/SSSDConfig.py:205
msgid "Group member attribute"
msgstr "Atrybut elementu grupy"
-#: src/config/SSSDConfig.py:195
+#: src/config/SSSDConfig.py:206
msgid "Group UUID attribute"
msgstr "Atrybut UUID grupy"
-#: src/config/SSSDConfig.py:196
+#: src/config/SSSDConfig.py:207
msgid "Modification time attribute for groups"
msgstr "Atrybut czasu modyfikacji grup"
-#: src/config/SSSDConfig.py:198
+#: src/config/SSSDConfig.py:209
msgid "Maximum nesting level SSSd will follow"
msgstr "Maksymalny poziom zagnieżdżenia, jaki usługa SSSD będzie używała"
-#: src/config/SSSDConfig.py:200
+#: src/config/SSSDConfig.py:211
msgid "Base DN for netgroup lookups"
msgstr "Podstawowe DN dla wyszukiwania grupy sieciowej"
-#: src/config/SSSDConfig.py:201
+#: src/config/SSSDConfig.py:212
msgid "Objectclass for netgroups"
msgstr "Klasa obiektów dla grup sieciowych"
-#: src/config/SSSDConfig.py:202
+#: src/config/SSSDConfig.py:213
msgid "Netgroup name"
msgstr "Nazwa grupy sieciowej"
-#: src/config/SSSDConfig.py:203
+#: src/config/SSSDConfig.py:214
msgid "Netgroups members attribute"
msgstr "Atrybut elementów grupy sieciowej"
-#: src/config/SSSDConfig.py:204
+#: src/config/SSSDConfig.py:215
msgid "Netgroup triple attribute"
msgstr "Potrójny atrybut grupy sieciowej"
-#: src/config/SSSDConfig.py:205
+#: src/config/SSSDConfig.py:216
msgid "Netgroup UUID attribute"
msgstr "Atrybut UUID grupy sieciowej"
-#: src/config/SSSDConfig.py:206
+#: src/config/SSSDConfig.py:217
msgid "Modification time attribute for netgroups"
msgstr "Atrybut czasu modyfikacji grup sieciowych"
-#: src/config/SSSDConfig.py:209
+#: src/config/SSSDConfig.py:220
msgid "Policy to evaluate the password expiration"
msgstr "Polityka do oszacowania wygaszenia hasła"
-#: src/config/SSSDConfig.py:212
+#: src/config/SSSDConfig.py:223
msgid "LDAP filter to determine access privileges"
msgstr "Filtr LDAP do określenia uprawnień dostępu"
-#: src/config/SSSDConfig.py:213
+#: src/config/SSSDConfig.py:224
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr "Które atrybuty powinny być używane do sprawdzenia, czy konto wygasło"
-#: src/config/SSSDConfig.py:214
+#: src/config/SSSDConfig.py:225
msgid "Which rules should be used to evaluate access control"
msgstr "Które reguły powinny być używane do sprawdzania kontroli dostępu"
-#: src/config/SSSDConfig.py:217
+#: src/config/SSSDConfig.py:228
msgid "URI of an LDAP server where password changes are allowed"
msgstr "Adres URI serwera LDAP, gdzie zmiany hasła są dozwolone"
-#: src/config/SSSDConfig.py:218
+#: src/config/SSSDConfig.py:229
msgid "DNS service name for LDAP password change server"
msgstr "Nazwa usługi DNS serwera zmiany hasła LDAP"
-#: src/config/SSSDConfig.py:221
+#: src/config/SSSDConfig.py:232
msgid "Comma separated list of allowed users"
msgstr "Lista dozwolonych użytkowników oddzielonych przecinkami"
-#: src/config/SSSDConfig.py:222
+#: src/config/SSSDConfig.py:233
msgid "Comma separated list of prohibited users"
msgstr "Lista zabronionych użytkowników oddzielonych przecinkami"
-#: src/config/SSSDConfig.py:225
+#: src/config/SSSDConfig.py:236
msgid "Default shell, /bin/bash"
msgstr "Domyślna powłoka, /bin/bash"
-#: src/config/SSSDConfig.py:226
+#: src/config/SSSDConfig.py:237
msgid "Base for home directories"
msgstr "Podstawa katalogów domowych"
-#: src/config/SSSDConfig.py:229
+#: src/config/SSSDConfig.py:240
msgid "The name of the NSS library to use"
msgstr "Nazwa używanej biblioteki NSS"
-#: src/config/SSSDConfig.py:232
+#: src/config/SSSDConfig.py:243
msgid "PAM stack to use"
msgstr "Używany stos PAM"
-#: src/monitor/monitor.c:2245
+#: src/monitor/monitor.c:2316
msgid "Become a daemon (default)"
msgstr "Uruchamia jako demon (domyślnie)"
-#: src/monitor/monitor.c:2247
+#: src/monitor/monitor.c:2318
msgid "Run interactive (not a daemon)"
msgstr "Uruchamia interaktywnie (nie jako demon)"
-#: src/monitor/monitor.c:2249
+#: src/monitor/monitor.c:2320
msgid "Specify a non-default config file"
msgstr "Podaje niedomyślny plik konfiguracji"
#: src/providers/krb5/krb5_child.c:1554 src/providers/ldap/ldap_child.c:360
-#: src/util/util.h:65
+#: src/util/util.h:67
msgid "Debug level"
msgstr "Poziom debugowania"
#: src/providers/krb5/krb5_child.c:1556 src/providers/ldap/ldap_child.c:362
-#: src/util/util.h:69
+#: src/util/util.h:71
msgid "Add debug timestamps"
msgstr "Dodaje czasy debugowania"
@@ -666,93 +716,93 @@ msgstr "Dodaje czasy debugowania"
msgid "An open file descriptor for the debug logs"
msgstr "Otwiera deskryptor pliku dla dzienników debugowania"
-#: src/providers/data_provider_be.c:1226
+#: src/providers/data_provider_be.c:1196
msgid "Domain of the information provider (mandatory)"
msgstr "Domena dostawcy informacji (wymagane)"
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:820
msgid "Privileged socket has wrong ownership or permissions."
msgstr "Uprawnione gniazdo posiada błędnego właściciela lub uprawnienia."
-#: src/sss_client/common.c:825
+#: src/sss_client/common.c:823
msgid "Public socket has wrong ownership or permissions."
msgstr "Publiczne gniazdo posiada błędnego właściciela lub uprawnienia"
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:826
msgid "Unexpected format of the server credential message."
msgstr "Nieoczekiwany format komunikatu uwierzytelniającego serwera."
-#: src/sss_client/common.c:831
+#: src/sss_client/common.c:829
msgid "SSSD is not run by root."
msgstr "SSSD nie zostało uruchomione w trybie roota."
-#: src/sss_client/common.c:836
+#: src/sss_client/common.c:834
msgid "An error occurred, but no description can be found."
msgstr "Wystąpił błąd, ale nie odnaleziono jego opisu."
-#: src/sss_client/common.c:842
+#: src/sss_client/common.c:840
msgid "Unexpected error while looking for an error description"
msgstr "Nieoczekiwany błąd podczas wyszukiwania opisu błędu"
-#: src/sss_client/pam_sss.c:378
+#: src/sss_client/pam_sss.c:374
msgid "Passwords do not match"
msgstr "Hasła nie zgadzają się"
-#: src/sss_client/pam_sss.c:571
+#: src/sss_client/pam_sss.c:567
msgid "Password reset by root is not supported."
msgstr "Przywrócenie hasła przez użytkownika root nie jest obsługiwane."
-#: src/sss_client/pam_sss.c:612
+#: src/sss_client/pam_sss.c:608
msgid "Authenticated with cached credentials"
msgstr "Uwierzytelniono za pomocą danych z pamięci podręcznej"
-#: src/sss_client/pam_sss.c:613
+#: src/sss_client/pam_sss.c:609
msgid ", your cached password will expire at: "
msgstr ", hasło w pamięci podręcznej wygaśnie za: "
-#: src/sss_client/pam_sss.c:643
+#: src/sss_client/pam_sss.c:639
#, c-format
msgid "Your password has expired. You have %d grace login(s) remaining."
msgstr "Hasło wygasło. Pozostało %d możliwych logowań."
-#: src/sss_client/pam_sss.c:689
+#: src/sss_client/pam_sss.c:685
#, c-format
msgid "Your password will expire in %d %s."
msgstr "Hasło wygaśnie za %d %s."
-#: src/sss_client/pam_sss.c:738
+#: src/sss_client/pam_sss.c:734
msgid "Authentication is denied until: "
msgstr "Uwierzytelnianie jest zabronione do: "
-#: src/sss_client/pam_sss.c:765
+#: src/sss_client/pam_sss.c:761
msgid "System is offline, password change not possible"
msgstr "System jest w trybie offline, zmiana hasła nie jest możliwa"
-#: src/sss_client/pam_sss.c:795 src/sss_client/pam_sss.c:808
+#: src/sss_client/pam_sss.c:791 src/sss_client/pam_sss.c:804
msgid "Password change failed. "
msgstr "Zmiana hasła nie powiodła się. "
-#: src/sss_client/pam_sss.c:798 src/sss_client/pam_sss.c:809
+#: src/sss_client/pam_sss.c:794 src/sss_client/pam_sss.c:805
msgid "Server message: "
msgstr "Komunikat serwera: "
-#: src/sss_client/pam_sss.c:1212
+#: src/sss_client/pam_sss.c:1208
msgid "New Password: "
msgstr "Nowe hasło: "
-#: src/sss_client/pam_sss.c:1213
+#: src/sss_client/pam_sss.c:1209
msgid "Reenter new Password: "
msgstr "Proszę ponownie podać nowe hasło: "
-#: src/sss_client/pam_sss.c:1295
+#: src/sss_client/pam_sss.c:1291
msgid "Password: "
msgstr "Hasło: "
-#: src/sss_client/pam_sss.c:1327
+#: src/sss_client/pam_sss.c:1323
msgid "Current Password: "
msgstr "Bieżące hasło: "
-#: src/sss_client/pam_sss.c:1473
+#: src/sss_client/pam_sss.c:1469
msgid "Password expired. Change your password now."
msgstr "Hasło wygasło. Proszę je zmienić teraz."
@@ -1181,7 +1231,7 @@ msgstr "Brak pamięci\n"
msgid "%s must be run as root\n"
msgstr "%s musi zostać uruchomione jako root\n"
-#: src/util/util.h:67
+#: src/util/util.h:69
msgid "Send the debug output to files instead of stderr"
msgstr ""
"Wysyła wyjście debugowania do plików, zamiast do standardowego wyjścia błędów"
diff --git a/po/pt.po b/po/pt.po
index 68399653f..eb81ff8c4 100644
--- a/po/pt.po
+++ b/po/pt.po
@@ -6,7 +6,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sssd.master.sss_daemon\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-04-27 11:41-0400\n"
+"POT-Creation-Date: 2011-08-02 15:55-0400\n"
"PO-Revision-Date: 2010-02-23 13:59+0100\n"
"Last-Translator: Rui Gouveia <rui.gouveia@gmail.com>\n"
"Language-Team: fedora-trans-pt@redhat.com\n"
@@ -91,18 +91,37 @@ msgstr "Devem os utilizadores filtrados aparecer em grupos"
msgid "The value of the password field the NSS provider should return"
msgstr "O valor do campo da senha que o fornecedor NSS deve retornar"
+#: src/config/SSSDConfig.py:61
+msgid "Override homedir value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:62
+msgid "The list of shells users are allowed to log in with"
+msgstr ""
+
#: src/config/SSSDConfig.py:63
+msgid ""
+"The list of shells that will be vetoed, and replaced with the fallback shell"
+msgstr ""
+
+#: src/config/SSSDConfig.py:64
+msgid ""
+"If a shell stored in central directory is allowed but not available, use "
+"this fallback"
+msgstr ""
+
+#: src/config/SSSDConfig.py:67
msgid "How long to allow cached logins between online logins (days)"
msgstr ""
"Durante quanto tempo devem ser permitidas as caches de sessões entre sessões "
"online (dias)"
-#: src/config/SSSDConfig.py:64
+#: src/config/SSSDConfig.py:68
msgid "How many failed logins attempts are allowed when offline"
msgstr ""
"Quantas tentativas falhadas de inicio de sessão são permitidas quando offline"
-#: src/config/SSSDConfig.py:65
+#: src/config/SSSDConfig.py:69
msgid ""
"How long (minutes) to deny login after offline_failed_login_attempts has "
"been reached"
@@ -110,576 +129,607 @@ msgstr ""
"Quanto tempo (minutos) para negar a sessão após "
"offline_failed_login_attempts ter sido atingido"
-#: src/config/SSSDConfig.py:66
+#: src/config/SSSDConfig.py:70
msgid "What kind of messages are displayed to the user during authentication"
msgstr ""
-#: src/config/SSSDConfig.py:67
+#: src/config/SSSDConfig.py:71
msgid "How many seconds to keep identity information cached for PAM requests"
msgstr ""
-#: src/config/SSSDConfig.py:68
+#: src/config/SSSDConfig.py:72
msgid "How many days before password expiration a warning should be displayed"
msgstr ""
-#: src/config/SSSDConfig.py:71
+#: src/config/SSSDConfig.py:75
msgid "Identity provider"
msgstr "Fornecedor de identidade"
-#: src/config/SSSDConfig.py:72
+#: src/config/SSSDConfig.py:76
msgid "Authentication provider"
msgstr "Fornecedor de autenticação"
-#: src/config/SSSDConfig.py:73
+#: src/config/SSSDConfig.py:77
msgid "Access control provider"
msgstr "Fornecedor de controle de acesso"
-#: src/config/SSSDConfig.py:74
+#: src/config/SSSDConfig.py:78
msgid "Password change provider"
msgstr "Fornecedor de Alteração de Senha"
-#: src/config/SSSDConfig.py:77
+#: src/config/SSSDConfig.py:81
msgid "Minimum user ID"
msgstr "ID de utilizador mínimo"
-#: src/config/SSSDConfig.py:78
+#: src/config/SSSDConfig.py:82
msgid "Maximum user ID"
msgstr "ID de utilizador máximo"
-#: src/config/SSSDConfig.py:79
+#: src/config/SSSDConfig.py:83
msgid "Enable enumerating all users/groups"
msgstr "Permitir enumeração de todos os utilizadores/grupos"
-#: src/config/SSSDConfig.py:80
+#: src/config/SSSDConfig.py:84
msgid "Cache credentials for offline login"
msgstr "Efectuar cache de credenciais para sessões em modo desligado"
-#: src/config/SSSDConfig.py:81
+#: src/config/SSSDConfig.py:85
msgid "Store password hashes"
msgstr "Guardar hashes da senha"
-#: src/config/SSSDConfig.py:82
+#: src/config/SSSDConfig.py:86
msgid "Display users/groups in fully-qualified form"
msgstr "Apresentar utilizadores/grupos na forma completa"
-#: src/config/SSSDConfig.py:83
+#: src/config/SSSDConfig.py:87
msgid "Entry cache timeout length (seconds)"
msgstr "Validade da cache (segundos)"
-#: src/config/SSSDConfig.py:84
+#: src/config/SSSDConfig.py:88
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
"Restringir ou preferir famílias de endereços especificas quando efectua "
"consultas DNS"
-#: src/config/SSSDConfig.py:85
+#: src/config/SSSDConfig.py:89
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
"Durante quanto tempo devem ser permitidas as caches de sessões entre sessões "
"bem sucedidas (dias)"
-#: src/config/SSSDConfig.py:86
+#: src/config/SSSDConfig.py:90
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig.py:87
+#: src/config/SSSDConfig.py:91
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig.py:90
+#: src/config/SSSDConfig.py:92
+msgid "Override GID value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:95
msgid "IPA domain"
msgstr "Domínio IPA"
-#: src/config/SSSDConfig.py:91
+#: src/config/SSSDConfig.py:96
msgid "IPA server address"
msgstr "Endereço do servidor IPA"
-#: src/config/SSSDConfig.py:92
+#: src/config/SSSDConfig.py:97
msgid "IPA client hostname"
msgstr "Nome da máquina do cliente IPA"
-#: src/config/SSSDConfig.py:93
+#: src/config/SSSDConfig.py:98
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig.py:94
+#: src/config/SSSDConfig.py:99
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig.py:95
+#: src/config/SSSDConfig.py:100
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig.py:98 src/config/SSSDConfig.py:99
+#: src/config/SSSDConfig.py:101
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig.py:102
+msgid "If DENY rules are present, either DENY_ALL or IGNORE"
+msgstr ""
+
+#: src/config/SSSDConfig.py:105 src/config/SSSDConfig.py:106
msgid "Kerberos server address"
msgstr "Endereço do servidor Kerberos"
-#: src/config/SSSDConfig.py:100
+#: src/config/SSSDConfig.py:107
msgid "Kerberos realm"
msgstr "Reino Kerberos"
-#: src/config/SSSDConfig.py:101
+#: src/config/SSSDConfig.py:108
msgid "Authentication timeout"
msgstr "Tempo de expiração da autenticação"
-#: src/config/SSSDConfig.py:104
+#: src/config/SSSDConfig.py:111
msgid "Directory to store credential caches"
msgstr "Directório para armazenar as caches de credenciais"
-#: src/config/SSSDConfig.py:105
+#: src/config/SSSDConfig.py:112
msgid "Location of the user's credential cache"
msgstr "Localização da cache de credenciais dos utilizadores"
-#: src/config/SSSDConfig.py:106
+#: src/config/SSSDConfig.py:113
msgid "Location of the keytab to validate credentials"
msgstr "Localização da tabela de chaves (keytab) para validar credenciais"
-#: src/config/SSSDConfig.py:107
+#: src/config/SSSDConfig.py:114
msgid "Enable credential validation"
msgstr "Activar validação de credenciais"
-#: src/config/SSSDConfig.py:108
+#: src/config/SSSDConfig.py:115
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig.py:109
+#: src/config/SSSDConfig.py:116
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig.py:110
+#: src/config/SSSDConfig.py:117
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig.py:111
+#: src/config/SSSDConfig.py:118
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig.py:112
+#: src/config/SSSDConfig.py:119
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig.py:115
+#: src/config/SSSDConfig.py:122
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"Servidor onde está em execução o serviço de alteração de senha, se não "
"coincide com o KDC"
-#: src/config/SSSDConfig.py:118
+#: src/config/SSSDConfig.py:125
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, O URI do servidor LDAP"
-#: src/config/SSSDConfig.py:119
+#: src/config/SSSDConfig.py:126
msgid "The default base DN"
msgstr "A base DN por omissão"
-#: src/config/SSSDConfig.py:120
+#: src/config/SSSDConfig.py:127
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "O tipo de Schema em utilização no servidor LDAP, rfc2307"
-#: src/config/SSSDConfig.py:121
+#: src/config/SSSDConfig.py:128
msgid "The default bind DN"
msgstr "O DN por omissão para a ligação"
-#: src/config/SSSDConfig.py:122
+#: src/config/SSSDConfig.py:129
msgid "The type of the authentication token of the default bind DN"
msgstr "O tipo de token de autenticação do bind DN por omissão"
-#: src/config/SSSDConfig.py:123
+#: src/config/SSSDConfig.py:130
msgid "The authentication token of the default bind DN"
msgstr "O token de autenticação do bind DN por omissão"
-#: src/config/SSSDConfig.py:124
+#: src/config/SSSDConfig.py:131
msgid "Length of time to attempt connection"
msgstr "Período de tempo para tentar ligação"
-#: src/config/SSSDConfig.py:125
+#: src/config/SSSDConfig.py:132
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Tempo de espera para tentar operações LDAP síncronas"
-#: src/config/SSSDConfig.py:126
+#: src/config/SSSDConfig.py:133
msgid "Length of time between attempts to reconnect while offline"
msgstr "Tempo de espera entre tentativas para re-conectar quando desligado"
-#: src/config/SSSDConfig.py:127
+#: src/config/SSSDConfig.py:134
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig.py:128
+#: src/config/SSSDConfig.py:135
msgid "File that contains CA certificates"
msgstr "Ficheiro que contêm os certificados CA"
-#: src/config/SSSDConfig.py:129
+#: src/config/SSSDConfig.py:136
msgid "Path to CA certificate directory"
msgstr "Caminho para o directório do certificado CA"
-#: src/config/SSSDConfig.py:130
+#: src/config/SSSDConfig.py:137
#, fuzzy
msgid "File that contains the client certificate"
msgstr "Ficheiro que contêm os certificados CA"
-#: src/config/SSSDConfig.py:131
+#: src/config/SSSDConfig.py:138
#, fuzzy
msgid "File that contains the client key"
msgstr "Ficheiro que contêm os certificados CA"
-#: src/config/SSSDConfig.py:132
+#: src/config/SSSDConfig.py:139
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig.py:133
+#: src/config/SSSDConfig.py:140
msgid "Require TLS certificate verification"
msgstr "Obriga a verificação de certificados TLS"
-#: src/config/SSSDConfig.py:134
+#: src/config/SSSDConfig.py:141
msgid "Specify the sasl mechanism to use"
msgstr "Especificar mecanismo sasl a utilizar"
-#: src/config/SSSDConfig.py:135
+#: src/config/SSSDConfig.py:142
msgid "Specify the sasl authorization id to use"
msgstr "Especifique o id sasl para utilizar na autorização"
-#: src/config/SSSDConfig.py:136
+#: src/config/SSSDConfig.py:143
#, fuzzy
msgid "Specify the sasl authorization realm to use"
msgstr "Especifique o id sasl para utilizar na autorização"
-#: src/config/SSSDConfig.py:137
+#: src/config/SSSDConfig.py:144
msgid "Kerberos service keytab"
msgstr "Separador chave do serviço Kerberos"
-#: src/config/SSSDConfig.py:138
+#: src/config/SSSDConfig.py:145
msgid "Use Kerberos auth for LDAP connection"
msgstr "Utilizar autenticação Kerberos para ligações LDAP"
-#: src/config/SSSDConfig.py:139
+#: src/config/SSSDConfig.py:146
msgid "Follow LDAP referrals"
msgstr "Seguir os referrals LDAP"
-#: src/config/SSSDConfig.py:140
+#: src/config/SSSDConfig.py:147
#, fuzzy
msgid "Lifetime of TGT for LDAP connection"
msgstr "Utilizar autenticação Kerberos para ligações LDAP"
-#: src/config/SSSDConfig.py:141
+#: src/config/SSSDConfig.py:148
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig.py:142
+#: src/config/SSSDConfig.py:149
#, fuzzy
msgid "Service name for DNS service lookups"
msgstr "Filtro para as pesquisas do utilizador"
-#: src/config/SSSDConfig.py:143
+#: src/config/SSSDConfig.py:150
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig.py:145
+#: src/config/SSSDConfig.py:151
+msgid "The number of members that must be missing to trigger a full deref"
+msgstr ""
+
+#: src/config/SSSDConfig.py:153
#, fuzzy
msgid "entryUSN attribute"
msgstr "Atributo UID"
-#: src/config/SSSDConfig.py:146
+#: src/config/SSSDConfig.py:154
#, fuzzy
msgid "lastUSN attribute"
msgstr "Atributo UID"
-#: src/config/SSSDConfig.py:149
+#: src/config/SSSDConfig.py:157
msgid "Length of time to wait for a search request"
msgstr "Tempo de espera por um pedido de pesquisa"
-#: src/config/SSSDConfig.py:150
+#: src/config/SSSDConfig.py:158
#, fuzzy
msgid "Length of time to wait for a enumeration request"
msgstr "Tempo de espera por um pedido de pesquisa"
-#: src/config/SSSDConfig.py:151
+#: src/config/SSSDConfig.py:159
msgid "Length of time between enumeration updates"
msgstr "Período de tempo entre enumeração de actualizações"
-#: src/config/SSSDConfig.py:152
+#: src/config/SSSDConfig.py:160
#, fuzzy
msgid "Length of time between cache cleanups"
msgstr "Período de tempo entre enumeração de actualizações"
-#: src/config/SSSDConfig.py:153
+#: src/config/SSSDConfig.py:161
msgid "Require TLS for ID lookups"
msgstr "Requer TLS para consultas de ID"
-#: src/config/SSSDConfig.py:154
+#: src/config/SSSDConfig.py:162
msgid "Base DN for user lookups"
msgstr "DN base para pesquisa de utilizadores"
-#: src/config/SSSDConfig.py:155
+#: src/config/SSSDConfig.py:163
msgid "Scope of user lookups"
msgstr "Âmbito das pesquisas do utilizador"
-#: src/config/SSSDConfig.py:156
+#: src/config/SSSDConfig.py:164
msgid "Filter for user lookups"
msgstr "Filtro para as pesquisas do utilizador"
-#: src/config/SSSDConfig.py:157
+#: src/config/SSSDConfig.py:165
msgid "Objectclass for users"
msgstr "Objectclass para utilizadores"
-#: src/config/SSSDConfig.py:158
+#: src/config/SSSDConfig.py:166
msgid "Username attribute"
msgstr "Atributo do nome do utilizador"
-#: src/config/SSSDConfig.py:160
+#: src/config/SSSDConfig.py:168
msgid "UID attribute"
msgstr "Atributo UID"
-#: src/config/SSSDConfig.py:161
+#: src/config/SSSDConfig.py:169
msgid "Primary GID attribute"
msgstr "Atributo GID primário"
-#: src/config/SSSDConfig.py:162
+#: src/config/SSSDConfig.py:170
msgid "GECOS attribute"
msgstr "Atributo GECOS"
-#: src/config/SSSDConfig.py:163
+#: src/config/SSSDConfig.py:171
msgid "Home directory attribute"
msgstr "Atributo da pasta pessoal"
-#: src/config/SSSDConfig.py:164
+#: src/config/SSSDConfig.py:172
msgid "Shell attribute"
msgstr "Atributo da Shell"
-#: src/config/SSSDConfig.py:165
+#: src/config/SSSDConfig.py:173
msgid "UUID attribute"
msgstr "Atributo UUID"
-#: src/config/SSSDConfig.py:166
+#: src/config/SSSDConfig.py:174
msgid "User principal attribute (for Kerberos)"
msgstr "Atributo principal do utilizador (para Kerberos)"
-#: src/config/SSSDConfig.py:167
+#: src/config/SSSDConfig.py:175
msgid "Full Name"
msgstr "Nome Completo"
-#: src/config/SSSDConfig.py:168
+#: src/config/SSSDConfig.py:176
msgid "memberOf attribute"
msgstr "Atributo memberOf"
-#: src/config/SSSDConfig.py:169
+#: src/config/SSSDConfig.py:177
msgid "Modification time attribute"
msgstr "Atributo da alteração da data"
-#: src/config/SSSDConfig.py:171
+#: src/config/SSSDConfig.py:179
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig.py:172
+#: src/config/SSSDConfig.py:180
#, fuzzy
msgid "shadowMin attribute"
msgstr "Atributo do nome do utilizador"
-#: src/config/SSSDConfig.py:173
+#: src/config/SSSDConfig.py:181
#, fuzzy
msgid "shadowMax attribute"
msgstr "Atributo do nome do utilizador"
-#: src/config/SSSDConfig.py:174
+#: src/config/SSSDConfig.py:182
#, fuzzy
msgid "shadowWarning attribute"
msgstr "Atributo do nome do utilizador"
-#: src/config/SSSDConfig.py:175
+#: src/config/SSSDConfig.py:183
#, fuzzy
msgid "shadowInactive attribute"
msgstr "Atributo do nome do utilizador"
-#: src/config/SSSDConfig.py:176
+#: src/config/SSSDConfig.py:184
#, fuzzy
msgid "shadowExpire attribute"
msgstr "Atributo do nome do utilizador"
-#: src/config/SSSDConfig.py:177
+#: src/config/SSSDConfig.py:185
#, fuzzy
msgid "shadowFlag attribute"
msgstr "Atributo da Shell"
-#: src/config/SSSDConfig.py:178
+#: src/config/SSSDConfig.py:186
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig.py:179
+#: src/config/SSSDConfig.py:187
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig.py:180
+#: src/config/SSSDConfig.py:188
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig.py:181
+#: src/config/SSSDConfig.py:189
#, fuzzy
msgid "krbPasswordExpiration attribute"
msgstr "Atributo da alteração da data"
-#: src/config/SSSDConfig.py:182
+#: src/config/SSSDConfig.py:190
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig.py:183
+#: src/config/SSSDConfig.py:191
#, fuzzy
msgid "accountExpires attribute of AD"
msgstr "Atributo do nome do utilizador"
-#: src/config/SSSDConfig.py:184
+#: src/config/SSSDConfig.py:192
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig.py:185
+#: src/config/SSSDConfig.py:193
#, fuzzy
msgid "nsAccountLock attribute"
msgstr "Atributo do nome do utilizador"
-#: src/config/SSSDConfig.py:187
+#: src/config/SSSDConfig.py:194
+#, fuzzy
+msgid "loginDisabled attribute of NDS"
+msgstr "Atributo do nome do utilizador"
+
+#: src/config/SSSDConfig.py:195
+#, fuzzy
+msgid "loginExpirationTime attribute of NDS"
+msgstr "Atributo do nome do utilizador"
+
+#: src/config/SSSDConfig.py:196
+msgid "loginAllowedTimeMap attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig.py:198
#, fuzzy
msgid "Base DN for group lookups"
msgstr "DN base para pesquisa de utilizadores"
-#: src/config/SSSDConfig.py:190
+#: src/config/SSSDConfig.py:201
#, fuzzy
msgid "Objectclass for groups"
msgstr "Objectclass para utilizadores"
-#: src/config/SSSDConfig.py:191
+#: src/config/SSSDConfig.py:202
#, fuzzy
msgid "Group name"
msgstr "Grupos"
-#: src/config/SSSDConfig.py:192
+#: src/config/SSSDConfig.py:203
#, fuzzy
msgid "Group password"
msgstr "Grupos"
-#: src/config/SSSDConfig.py:193
+#: src/config/SSSDConfig.py:204
#, fuzzy
msgid "GID attribute"
msgstr "Atributo UID"
-#: src/config/SSSDConfig.py:194
+#: src/config/SSSDConfig.py:205
#, fuzzy
msgid "Group member attribute"
msgstr "Atributo memberOf"
-#: src/config/SSSDConfig.py:195
+#: src/config/SSSDConfig.py:206
#, fuzzy
msgid "Group UUID attribute"
msgstr "Atributo UUID"
-#: src/config/SSSDConfig.py:196
+#: src/config/SSSDConfig.py:207
#, fuzzy
msgid "Modification time attribute for groups"
msgstr "Atributo da alteração da data"
-#: src/config/SSSDConfig.py:198
+#: src/config/SSSDConfig.py:209
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig.py:200
+#: src/config/SSSDConfig.py:211
#, fuzzy
msgid "Base DN for netgroup lookups"
msgstr "DN base para pesquisa de utilizadores"
-#: src/config/SSSDConfig.py:201
+#: src/config/SSSDConfig.py:212
#, fuzzy
msgid "Objectclass for netgroups"
msgstr "Objectclass para utilizadores"
-#: src/config/SSSDConfig.py:202
+#: src/config/SSSDConfig.py:213
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig.py:203
+#: src/config/SSSDConfig.py:214
#, fuzzy
msgid "Netgroups members attribute"
msgstr "Atributo memberOf"
-#: src/config/SSSDConfig.py:204
+#: src/config/SSSDConfig.py:215
#, fuzzy
msgid "Netgroup triple attribute"
msgstr "Atributo da alteração da data"
-#: src/config/SSSDConfig.py:205
+#: src/config/SSSDConfig.py:216
#, fuzzy
msgid "Netgroup UUID attribute"
msgstr "Atributo UUID"
-#: src/config/SSSDConfig.py:206
+#: src/config/SSSDConfig.py:217
#, fuzzy
msgid "Modification time attribute for netgroups"
msgstr "Atributo da alteração da data"
-#: src/config/SSSDConfig.py:209
+#: src/config/SSSDConfig.py:220
msgid "Policy to evaluate the password expiration"
msgstr "Politica para avaliar a expiração da senha"
-#: src/config/SSSDConfig.py:212
+#: src/config/SSSDConfig.py:223
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig.py:213
+#: src/config/SSSDConfig.py:224
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig.py:214
+#: src/config/SSSDConfig.py:225
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig.py:217
+#: src/config/SSSDConfig.py:228
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig.py:218
+#: src/config/SSSDConfig.py:229
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig.py:221
+#: src/config/SSSDConfig.py:232
msgid "Comma separated list of allowed users"
msgstr "Lista de utilizadores autorizados separados por vírgulas"
-#: src/config/SSSDConfig.py:222
+#: src/config/SSSDConfig.py:233
msgid "Comma separated list of prohibited users"
msgstr "Lista de utilizadores não autorizados separados por vírgulas"
-#: src/config/SSSDConfig.py:225
+#: src/config/SSSDConfig.py:236
msgid "Default shell, /bin/bash"
msgstr "Shell pré-definida, /bin/bash"
-#: src/config/SSSDConfig.py:226
+#: src/config/SSSDConfig.py:237
msgid "Base for home directories"
msgstr "Directório base para as pastas pessoais"
-#: src/config/SSSDConfig.py:229
+#: src/config/SSSDConfig.py:240
msgid "The name of the NSS library to use"
msgstr "O nome da biblioteca NSS a utilizar"
-#: src/config/SSSDConfig.py:232
+#: src/config/SSSDConfig.py:243
msgid "PAM stack to use"
msgstr "Stack PAM a utilizar"
-#: src/monitor/monitor.c:2245
+#: src/monitor/monitor.c:2316
msgid "Become a daemon (default)"
msgstr "Tornar-se num serviço (omissão)"
-#: src/monitor/monitor.c:2247
+#: src/monitor/monitor.c:2318
msgid "Run interactive (not a daemon)"
msgstr "Executar interactivamente (não como serviço)"
-#: src/monitor/monitor.c:2249
+#: src/monitor/monitor.c:2320
msgid "Specify a non-default config file"
msgstr "Especificar um ficheiro de configuração não standard"
#: src/providers/krb5/krb5_child.c:1554 src/providers/ldap/ldap_child.c:360
-#: src/util/util.h:65
+#: src/util/util.h:67
msgid "Debug level"
msgstr "Nível de depuração"
#: src/providers/krb5/krb5_child.c:1556 src/providers/ldap/ldap_child.c:362
-#: src/util/util.h:69
+#: src/util/util.h:71
msgid "Add debug timestamps"
msgstr "Adicionar tempos na depuração"
@@ -687,95 +737,95 @@ msgstr "Adicionar tempos na depuração"
msgid "An open file descriptor for the debug logs"
msgstr "Um descritor de ficheiro aberto para os registos de depuração"
-#: src/providers/data_provider_be.c:1226
+#: src/providers/data_provider_be.c:1196
msgid "Domain of the information provider (mandatory)"
msgstr "Domínio do fornecedor de informação (obrigatório)"
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:820
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:825
+#: src/sss_client/common.c:823
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:826
#, fuzzy
msgid "Unexpected format of the server credential message."
msgstr "Localização da cache de credenciais dos utilizadores"
-#: src/sss_client/common.c:831
+#: src/sss_client/common.c:829
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:836
+#: src/sss_client/common.c:834
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:842
+#: src/sss_client/common.c:840
msgid "Unexpected error while looking for an error description"
msgstr ""
-#: src/sss_client/pam_sss.c:378
+#: src/sss_client/pam_sss.c:374
msgid "Passwords do not match"
msgstr "Senhas não coincidem"
-#: src/sss_client/pam_sss.c:571
+#: src/sss_client/pam_sss.c:567
msgid "Password reset by root is not supported."
msgstr ""
-#: src/sss_client/pam_sss.c:612
+#: src/sss_client/pam_sss.c:608
msgid "Authenticated with cached credentials"
msgstr ""
-#: src/sss_client/pam_sss.c:613
+#: src/sss_client/pam_sss.c:609
msgid ", your cached password will expire at: "
msgstr ", a sua senha guardada em cache irá expirar em: "
-#: src/sss_client/pam_sss.c:643
+#: src/sss_client/pam_sss.c:639
#, c-format
msgid "Your password has expired. You have %d grace login(s) remaining."
msgstr "A sua senha expirou. Restam-lhe %d sessões de tolerância."
-#: src/sss_client/pam_sss.c:689
+#: src/sss_client/pam_sss.c:685
#, c-format
msgid "Your password will expire in %d %s."
msgstr "A sua senha irá expirar em %d %s."
-#: src/sss_client/pam_sss.c:738
+#: src/sss_client/pam_sss.c:734
#, fuzzy
msgid "Authentication is denied until: "
msgstr "Autenticação offline, a autenticação é negada até: "
-#: src/sss_client/pam_sss.c:765
+#: src/sss_client/pam_sss.c:761
msgid "System is offline, password change not possible"
msgstr "O sistema está offline, a mudança de senha não é possível"
-#: src/sss_client/pam_sss.c:795 src/sss_client/pam_sss.c:808
+#: src/sss_client/pam_sss.c:791 src/sss_client/pam_sss.c:804
msgid "Password change failed. "
msgstr "Alteração da senha falhou."
-#: src/sss_client/pam_sss.c:798 src/sss_client/pam_sss.c:809
+#: src/sss_client/pam_sss.c:794 src/sss_client/pam_sss.c:805
msgid "Server message: "
msgstr "Mensagem do Servidor: "
-#: src/sss_client/pam_sss.c:1212
+#: src/sss_client/pam_sss.c:1208
msgid "New Password: "
msgstr "Nova Senha: "
-#: src/sss_client/pam_sss.c:1213
+#: src/sss_client/pam_sss.c:1209
msgid "Reenter new Password: "
msgstr "Digite a senha novamente: "
-#: src/sss_client/pam_sss.c:1295
+#: src/sss_client/pam_sss.c:1291
msgid "Password: "
msgstr "Senha: "
-#: src/sss_client/pam_sss.c:1327
+#: src/sss_client/pam_sss.c:1323
msgid "Current Password: "
msgstr "Senha actual: "
-#: src/sss_client/pam_sss.c:1473
+#: src/sss_client/pam_sss.c:1469
msgid "Password expired. Change your password now."
msgstr "A senha expirou. Altere a sua senha agora."
@@ -1200,7 +1250,7 @@ msgstr "Memória esgotada\n"
msgid "%s must be run as root\n"
msgstr "%s tem de executar como root\n"
-#: src/util/util.h:67
+#: src/util/util.h:69
msgid "Send the debug output to files instead of stderr"
msgstr "Enviar o resultado de depuração para ficheiro em vez do stderr"
diff --git a/po/ru.po b/po/ru.po
index 60709d5be..f3638d828 100644
--- a/po/ru.po
+++ b/po/ru.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: ru\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-04-27 11:41-0400\n"
+"POT-Creation-Date: 2011-08-02 15:55-0400\n"
"PO-Revision-Date: 2010-04-07 21:39+0300\n"
"Last-Translator: Dmitry Drozdov <dmi3652@gmail.com>\n"
"Language-Team: Russian <fedora-trans-ru@redhat.com>\n"
@@ -91,17 +91,36 @@ msgstr "Должны ли отфильтрованные пользовател
msgid "The value of the password field the NSS provider should return"
msgstr "Значение поля пароля, которое должен вернуть поставщик NSS"
+#: src/config/SSSDConfig.py:61
+msgid "Override homedir value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:62
+msgid "The list of shells users are allowed to log in with"
+msgstr ""
+
#: src/config/SSSDConfig.py:63
+msgid ""
+"The list of shells that will be vetoed, and replaced with the fallback shell"
+msgstr ""
+
+#: src/config/SSSDConfig.py:64
+msgid ""
+"If a shell stored in central directory is allowed but not available, use "
+"this fallback"
+msgstr ""
+
+#: src/config/SSSDConfig.py:67
msgid "How long to allow cached logins between online logins (days)"
msgstr ""
"Разрешённый интервал кэшированных входов между интерактивными входами (в "
"днях)"
-#: src/config/SSSDConfig.py:64
+#: src/config/SSSDConfig.py:68
msgid "How many failed logins attempts are allowed when offline"
msgstr "Разрешённое количество неудачных попыток неинтерактивного входа"
-#: src/config/SSSDConfig.py:65
+#: src/config/SSSDConfig.py:69
msgid ""
"How long (minutes) to deny login after offline_failed_login_attempts has "
"been reached"
@@ -109,578 +128,609 @@ msgstr ""
"Временной интервал (в минутах), в течение которого будет запрещён вход после "
"достижения offline_failed_login_attempts"
-#: src/config/SSSDConfig.py:66
+#: src/config/SSSDConfig.py:70
msgid "What kind of messages are displayed to the user during authentication"
msgstr ""
-#: src/config/SSSDConfig.py:67
+#: src/config/SSSDConfig.py:71
msgid "How many seconds to keep identity information cached for PAM requests"
msgstr ""
-#: src/config/SSSDConfig.py:68
+#: src/config/SSSDConfig.py:72
msgid "How many days before password expiration a warning should be displayed"
msgstr ""
-#: src/config/SSSDConfig.py:71
+#: src/config/SSSDConfig.py:75
msgid "Identity provider"
msgstr "Поставщик данных для идентификации"
-#: src/config/SSSDConfig.py:72
+#: src/config/SSSDConfig.py:76
msgid "Authentication provider"
msgstr "Поставщик данных для проверки подлинности"
-#: src/config/SSSDConfig.py:73
+#: src/config/SSSDConfig.py:77
msgid "Access control provider"
msgstr "Поставщик данных для контроля доступа"
-#: src/config/SSSDConfig.py:74
+#: src/config/SSSDConfig.py:78
msgid "Password change provider"
msgstr "Поставщик операции смены пароля"
-#: src/config/SSSDConfig.py:77
+#: src/config/SSSDConfig.py:81
msgid "Minimum user ID"
msgstr "Минимальный ID пользователя"
-#: src/config/SSSDConfig.py:78
+#: src/config/SSSDConfig.py:82
msgid "Maximum user ID"
msgstr "Максимальный ID пользователя"
-#: src/config/SSSDConfig.py:79
+#: src/config/SSSDConfig.py:83
msgid "Enable enumerating all users/groups"
msgstr "Включить перечисление всех пользователей/групп"
-#: src/config/SSSDConfig.py:80
+#: src/config/SSSDConfig.py:84
msgid "Cache credentials for offline login"
msgstr "Кэшировать учётные данные для неинтерактивного входа"
-#: src/config/SSSDConfig.py:81
+#: src/config/SSSDConfig.py:85
msgid "Store password hashes"
msgstr "Хранить хеши паролей"
-#: src/config/SSSDConfig.py:82
+#: src/config/SSSDConfig.py:86
msgid "Display users/groups in fully-qualified form"
msgstr "Отображать пользователей/группы в полной форме"
-#: src/config/SSSDConfig.py:83
+#: src/config/SSSDConfig.py:87
msgid "Entry cache timeout length (seconds)"
msgstr "Тайм-аут элемента списка кэша (в секундах)"
-#: src/config/SSSDConfig.py:84
+#: src/config/SSSDConfig.py:88
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
"Ограничивать или предпочитать определённое семейство адресов при выполнении "
"запросов DNS"
-#: src/config/SSSDConfig.py:85
+#: src/config/SSSDConfig.py:89
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
"Как долго хранить кэшированные элементы списка после последнего успешного "
"входа (в днях)"
-#: src/config/SSSDConfig.py:86
+#: src/config/SSSDConfig.py:90
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig.py:87
+#: src/config/SSSDConfig.py:91
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig.py:90
+#: src/config/SSSDConfig.py:92
+msgid "Override GID value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:95
msgid "IPA domain"
msgstr "IPA-домен"
-#: src/config/SSSDConfig.py:91
+#: src/config/SSSDConfig.py:96
msgid "IPA server address"
msgstr "адрес сервера IPA"
-#: src/config/SSSDConfig.py:92
+#: src/config/SSSDConfig.py:97
msgid "IPA client hostname"
msgstr "имя узла клиента IPA"
-#: src/config/SSSDConfig.py:93
+#: src/config/SSSDConfig.py:98
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig.py:94
+#: src/config/SSSDConfig.py:99
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig.py:95
+#: src/config/SSSDConfig.py:100
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig.py:98 src/config/SSSDConfig.py:99
+#: src/config/SSSDConfig.py:101
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig.py:102
+msgid "If DENY rules are present, either DENY_ALL or IGNORE"
+msgstr ""
+
+#: src/config/SSSDConfig.py:105 src/config/SSSDConfig.py:106
msgid "Kerberos server address"
msgstr "Имя сервера Kerberos"
-#: src/config/SSSDConfig.py:100
+#: src/config/SSSDConfig.py:107
msgid "Kerberos realm"
msgstr "Область действия Kerberos"
-#: src/config/SSSDConfig.py:101
+#: src/config/SSSDConfig.py:108
msgid "Authentication timeout"
msgstr "Тайм-аут проверки подлинности"
-#: src/config/SSSDConfig.py:104
+#: src/config/SSSDConfig.py:111
msgid "Directory to store credential caches"
msgstr "Каталог для хранения кэшей учётных данных"
-#: src/config/SSSDConfig.py:105
+#: src/config/SSSDConfig.py:112
msgid "Location of the user's credential cache"
msgstr "Расположения кэша учётных данных пользователей"
-#: src/config/SSSDConfig.py:106
+#: src/config/SSSDConfig.py:113
msgid "Location of the keytab to validate credentials"
msgstr "Расположение keytab-файла для проверки учётных данных"
-#: src/config/SSSDConfig.py:107
+#: src/config/SSSDConfig.py:114
msgid "Enable credential validation"
msgstr "Включить проверку учётных данных"
-#: src/config/SSSDConfig.py:108
+#: src/config/SSSDConfig.py:115
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig.py:109
+#: src/config/SSSDConfig.py:116
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig.py:110
+#: src/config/SSSDConfig.py:117
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig.py:111
+#: src/config/SSSDConfig.py:118
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig.py:112
+#: src/config/SSSDConfig.py:119
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig.py:115
+#: src/config/SSSDConfig.py:122
msgid "Server where the change password service is running if not on the KDC"
msgstr "Сервер, на котором запущена служба смены пароля (если не на KDC)"
-#: src/config/SSSDConfig.py:118
+#: src/config/SSSDConfig.py:125
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, URI сервера LDAP "
-#: src/config/SSSDConfig.py:119
+#: src/config/SSSDConfig.py:126
msgid "The default base DN"
msgstr "Base DN по умолчанию"
-#: src/config/SSSDConfig.py:120
+#: src/config/SSSDConfig.py:127
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Тип схемы, используемой на LDAP-сервере, rfc2307"
-#: src/config/SSSDConfig.py:121
+#: src/config/SSSDConfig.py:128
msgid "The default bind DN"
msgstr "Bind DN по умолчанию"
-#: src/config/SSSDConfig.py:122
+#: src/config/SSSDConfig.py:129
msgid "The type of the authentication token of the default bind DN"
msgstr "Тип маркера проверки подлинности для bind DN по умолчанию"
-#: src/config/SSSDConfig.py:123
+#: src/config/SSSDConfig.py:130
msgid "The authentication token of the default bind DN"
msgstr "Маркер проверки подлинности для bind DN по умолчанию"
-#: src/config/SSSDConfig.py:124
+#: src/config/SSSDConfig.py:131
msgid "Length of time to attempt connection"
msgstr "Временной интервал для попытки соединения"
-#: src/config/SSSDConfig.py:125
+#: src/config/SSSDConfig.py:132
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Временной интервал для попытки синхронизации операций LDAP"
-#: src/config/SSSDConfig.py:126
+#: src/config/SSSDConfig.py:133
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
"Временной интервал между попытками возобновления соединения в автономного "
"режиме"
-#: src/config/SSSDConfig.py:127
+#: src/config/SSSDConfig.py:134
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig.py:128
+#: src/config/SSSDConfig.py:135
#, fuzzy
msgid "File that contains CA certificates"
msgstr "Файл, содержащий CA сертификаты"
-#: src/config/SSSDConfig.py:129
+#: src/config/SSSDConfig.py:136
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig.py:130
+#: src/config/SSSDConfig.py:137
#, fuzzy
msgid "File that contains the client certificate"
msgstr "Файл, содержащий CA сертификаты"
-#: src/config/SSSDConfig.py:131
+#: src/config/SSSDConfig.py:138
#, fuzzy
msgid "File that contains the client key"
msgstr "Файл, содержащий CA сертификаты"
-#: src/config/SSSDConfig.py:132
+#: src/config/SSSDConfig.py:139
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig.py:133
+#: src/config/SSSDConfig.py:140
msgid "Require TLS certificate verification"
msgstr "Требуется проверка сертификата TLS"
-#: src/config/SSSDConfig.py:134
+#: src/config/SSSDConfig.py:141
msgid "Specify the sasl mechanism to use"
msgstr "Укажите механизм sasl"
-#: src/config/SSSDConfig.py:135
+#: src/config/SSSDConfig.py:142
msgid "Specify the sasl authorization id to use"
msgstr "Укажите идентификатор авторизации sasl"
-#: src/config/SSSDConfig.py:136
+#: src/config/SSSDConfig.py:143
#, fuzzy
msgid "Specify the sasl authorization realm to use"
msgstr "Укажите идентификатор авторизации sasl"
-#: src/config/SSSDConfig.py:137
+#: src/config/SSSDConfig.py:144
msgid "Kerberos service keytab"
msgstr "Keytab-файл службы Kerberos"
-#: src/config/SSSDConfig.py:138
+#: src/config/SSSDConfig.py:145
msgid "Use Kerberos auth for LDAP connection"
msgstr "Использовать проверку подлинности Kerberos для LDAP-соединения"
-#: src/config/SSSDConfig.py:139
+#: src/config/SSSDConfig.py:146
msgid "Follow LDAP referrals"
msgstr "Следовать ссылкам LDAP"
-#: src/config/SSSDConfig.py:140
+#: src/config/SSSDConfig.py:147
#, fuzzy
msgid "Lifetime of TGT for LDAP connection"
msgstr "Использовать проверку подлинности Kerberos для LDAP-соединения"
-#: src/config/SSSDConfig.py:141
+#: src/config/SSSDConfig.py:148
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig.py:142
+#: src/config/SSSDConfig.py:149
#, fuzzy
msgid "Service name for DNS service lookups"
msgstr "Фильтр поиска"
-#: src/config/SSSDConfig.py:143
+#: src/config/SSSDConfig.py:150
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig.py:145
+#: src/config/SSSDConfig.py:151
+msgid "The number of members that must be missing to trigger a full deref"
+msgstr ""
+
+#: src/config/SSSDConfig.py:153
#, fuzzy
msgid "entryUSN attribute"
msgstr "Атрибут «UID»"
-#: src/config/SSSDConfig.py:146
+#: src/config/SSSDConfig.py:154
#, fuzzy
msgid "lastUSN attribute"
msgstr "Атрибут «UID»"
-#: src/config/SSSDConfig.py:149
+#: src/config/SSSDConfig.py:157
msgid "Length of time to wait for a search request"
msgstr "Временной интервал, в течение которого ожидать поискового запроса"
-#: src/config/SSSDConfig.py:150
+#: src/config/SSSDConfig.py:158
#, fuzzy
msgid "Length of time to wait for a enumeration request"
msgstr "Временной интервал, в течение которого ожидать поискового запроса"
-#: src/config/SSSDConfig.py:151
+#: src/config/SSSDConfig.py:159
msgid "Length of time between enumeration updates"
msgstr "Временной интервал между обновлениями перечисления"
-#: src/config/SSSDConfig.py:152
+#: src/config/SSSDConfig.py:160
#, fuzzy
msgid "Length of time between cache cleanups"
msgstr "Временной интервал между обновлениями перечисления"
-#: src/config/SSSDConfig.py:153
+#: src/config/SSSDConfig.py:161
#, fuzzy
msgid "Require TLS for ID lookups"
msgstr "Требуется TLS для поиска ID"
-#: src/config/SSSDConfig.py:154
+#: src/config/SSSDConfig.py:162
msgid "Base DN for user lookups"
msgstr "Base DN для поиска"
-#: src/config/SSSDConfig.py:155
+#: src/config/SSSDConfig.py:163
msgid "Scope of user lookups"
msgstr "Глубина поиска"
-#: src/config/SSSDConfig.py:156
+#: src/config/SSSDConfig.py:164
msgid "Filter for user lookups"
msgstr "Фильтр поиска"
-#: src/config/SSSDConfig.py:157
+#: src/config/SSSDConfig.py:165
msgid "Objectclass for users"
msgstr "Objectclass для пользователей"
-#: src/config/SSSDConfig.py:158
+#: src/config/SSSDConfig.py:166
msgid "Username attribute"
msgstr "Атрибут «username»"
-#: src/config/SSSDConfig.py:160
+#: src/config/SSSDConfig.py:168
msgid "UID attribute"
msgstr "Атрибут «UID»"
-#: src/config/SSSDConfig.py:161
+#: src/config/SSSDConfig.py:169
msgid "Primary GID attribute"
msgstr "Атрибут «primary GID»"
-#: src/config/SSSDConfig.py:162
+#: src/config/SSSDConfig.py:170
msgid "GECOS attribute"
msgstr "Атрибут «GECOS»"
-#: src/config/SSSDConfig.py:163
+#: src/config/SSSDConfig.py:171
msgid "Home directory attribute"
msgstr "Атрибут домашнего каталога"
-#: src/config/SSSDConfig.py:164
+#: src/config/SSSDConfig.py:172
msgid "Shell attribute"
msgstr "Атрибут оболочки"
-#: src/config/SSSDConfig.py:165
+#: src/config/SSSDConfig.py:173
msgid "UUID attribute"
msgstr "Атрибут «UUID»"
-#: src/config/SSSDConfig.py:166
+#: src/config/SSSDConfig.py:174
msgid "User principal attribute (for Kerberos)"
msgstr "Атрибут участника-пользователя (для Kerberos)"
-#: src/config/SSSDConfig.py:167
+#: src/config/SSSDConfig.py:175
msgid "Full Name"
msgstr "Полное имя"
-#: src/config/SSSDConfig.py:168
+#: src/config/SSSDConfig.py:176
msgid "memberOf attribute"
msgstr "Атрибут memberOf"
-#: src/config/SSSDConfig.py:169
+#: src/config/SSSDConfig.py:177
msgid "Modification time attribute"
msgstr "Атрибут времени изменения"
-#: src/config/SSSDConfig.py:171
+#: src/config/SSSDConfig.py:179
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig.py:172
+#: src/config/SSSDConfig.py:180
#, fuzzy
msgid "shadowMin attribute"
msgstr "Атрибут «username»"
-#: src/config/SSSDConfig.py:173
+#: src/config/SSSDConfig.py:181
#, fuzzy
msgid "shadowMax attribute"
msgstr "Атрибут «username»"
-#: src/config/SSSDConfig.py:174
+#: src/config/SSSDConfig.py:182
#, fuzzy
msgid "shadowWarning attribute"
msgstr "Атрибут «username»"
-#: src/config/SSSDConfig.py:175
+#: src/config/SSSDConfig.py:183
#, fuzzy
msgid "shadowInactive attribute"
msgstr "Атрибут «username»"
-#: src/config/SSSDConfig.py:176
+#: src/config/SSSDConfig.py:184
#, fuzzy
msgid "shadowExpire attribute"
msgstr "Атрибут «username»"
-#: src/config/SSSDConfig.py:177
+#: src/config/SSSDConfig.py:185
#, fuzzy
msgid "shadowFlag attribute"
msgstr "Атрибут оболочки"
-#: src/config/SSSDConfig.py:178
+#: src/config/SSSDConfig.py:186
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig.py:179
+#: src/config/SSSDConfig.py:187
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig.py:180
+#: src/config/SSSDConfig.py:188
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig.py:181
+#: src/config/SSSDConfig.py:189
#, fuzzy
msgid "krbPasswordExpiration attribute"
msgstr "Атрибут времени изменения"
-#: src/config/SSSDConfig.py:182
+#: src/config/SSSDConfig.py:190
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig.py:183
+#: src/config/SSSDConfig.py:191
#, fuzzy
msgid "accountExpires attribute of AD"
msgstr "Атрибут «username»"
-#: src/config/SSSDConfig.py:184
+#: src/config/SSSDConfig.py:192
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig.py:185
+#: src/config/SSSDConfig.py:193
#, fuzzy
msgid "nsAccountLock attribute"
msgstr "Атрибут «username»"
-#: src/config/SSSDConfig.py:187
+#: src/config/SSSDConfig.py:194
+#, fuzzy
+msgid "loginDisabled attribute of NDS"
+msgstr "Атрибут «username»"
+
+#: src/config/SSSDConfig.py:195
+#, fuzzy
+msgid "loginExpirationTime attribute of NDS"
+msgstr "Атрибут «username»"
+
+#: src/config/SSSDConfig.py:196
+msgid "loginAllowedTimeMap attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig.py:198
#, fuzzy
msgid "Base DN for group lookups"
msgstr "Base DN для поиска"
-#: src/config/SSSDConfig.py:190
+#: src/config/SSSDConfig.py:201
#, fuzzy
msgid "Objectclass for groups"
msgstr "Objectclass для пользователей"
-#: src/config/SSSDConfig.py:191
+#: src/config/SSSDConfig.py:202
#, fuzzy
msgid "Group name"
msgstr "Группы"
-#: src/config/SSSDConfig.py:192
+#: src/config/SSSDConfig.py:203
#, fuzzy
msgid "Group password"
msgstr "Группы"
-#: src/config/SSSDConfig.py:193
+#: src/config/SSSDConfig.py:204
#, fuzzy
msgid "GID attribute"
msgstr "Атрибут «UID»"
-#: src/config/SSSDConfig.py:194
+#: src/config/SSSDConfig.py:205
#, fuzzy
msgid "Group member attribute"
msgstr "Атрибут memberOf"
-#: src/config/SSSDConfig.py:195
+#: src/config/SSSDConfig.py:206
#, fuzzy
msgid "Group UUID attribute"
msgstr "Атрибут «UUID»"
-#: src/config/SSSDConfig.py:196
+#: src/config/SSSDConfig.py:207
#, fuzzy
msgid "Modification time attribute for groups"
msgstr "Атрибут времени изменения"
-#: src/config/SSSDConfig.py:198
+#: src/config/SSSDConfig.py:209
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig.py:200
+#: src/config/SSSDConfig.py:211
#, fuzzy
msgid "Base DN for netgroup lookups"
msgstr "Base DN для поиска"
-#: src/config/SSSDConfig.py:201
+#: src/config/SSSDConfig.py:212
#, fuzzy
msgid "Objectclass for netgroups"
msgstr "Objectclass для пользователей"
-#: src/config/SSSDConfig.py:202
+#: src/config/SSSDConfig.py:213
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig.py:203
+#: src/config/SSSDConfig.py:214
#, fuzzy
msgid "Netgroups members attribute"
msgstr "Атрибут memberOf"
-#: src/config/SSSDConfig.py:204
+#: src/config/SSSDConfig.py:215
#, fuzzy
msgid "Netgroup triple attribute"
msgstr "Атрибут времени изменения"
-#: src/config/SSSDConfig.py:205
+#: src/config/SSSDConfig.py:216
#, fuzzy
msgid "Netgroup UUID attribute"
msgstr "Атрибут «UUID»"
-#: src/config/SSSDConfig.py:206
+#: src/config/SSSDConfig.py:217
#, fuzzy
msgid "Modification time attribute for netgroups"
msgstr "Атрибут времени изменения"
-#: src/config/SSSDConfig.py:209
+#: src/config/SSSDConfig.py:220
msgid "Policy to evaluate the password expiration"
msgstr "Политика вычисления окончания срока действия пароля"
-#: src/config/SSSDConfig.py:212
+#: src/config/SSSDConfig.py:223
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig.py:213
+#: src/config/SSSDConfig.py:224
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig.py:214
+#: src/config/SSSDConfig.py:225
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig.py:217
+#: src/config/SSSDConfig.py:228
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig.py:218
+#: src/config/SSSDConfig.py:229
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig.py:221
+#: src/config/SSSDConfig.py:232
msgid "Comma separated list of allowed users"
msgstr "Разделённый запятыми список разрешённых пользователей"
-#: src/config/SSSDConfig.py:222
+#: src/config/SSSDConfig.py:233
msgid "Comma separated list of prohibited users"
msgstr "Разделённый запятыми список запрещённых пользователей"
-#: src/config/SSSDConfig.py:225
+#: src/config/SSSDConfig.py:236
msgid "Default shell, /bin/bash"
msgstr "Оболочка по умолчанию, /bin/bash"
-#: src/config/SSSDConfig.py:226
+#: src/config/SSSDConfig.py:237
msgid "Base for home directories"
msgstr "Место для домашних каталогов"
-#: src/config/SSSDConfig.py:229
+#: src/config/SSSDConfig.py:240
msgid "The name of the NSS library to use"
msgstr "Имя используемой библиотеки NSS"
-#: src/config/SSSDConfig.py:232
+#: src/config/SSSDConfig.py:243
msgid "PAM stack to use"
msgstr "Используемый стек PAM"
-#: src/monitor/monitor.c:2245
+#: src/monitor/monitor.c:2316
msgid "Become a daemon (default)"
msgstr "Запускаться в качестве службы (по умолчанию)"
-#: src/monitor/monitor.c:2247
+#: src/monitor/monitor.c:2318
msgid "Run interactive (not a daemon)"
msgstr "Запускаться интерактивно (не службой)"
-#: src/monitor/monitor.c:2249
+#: src/monitor/monitor.c:2320
msgid "Specify a non-default config file"
msgstr "Указать файл конфигурации"
#: src/providers/krb5/krb5_child.c:1554 src/providers/ldap/ldap_child.c:360
-#: src/util/util.h:65
+#: src/util/util.h:67
msgid "Debug level"
msgstr "Уровень отладки"
#: src/providers/krb5/krb5_child.c:1556 src/providers/ldap/ldap_child.c:362
-#: src/util/util.h:69
+#: src/util/util.h:71
msgid "Add debug timestamps"
msgstr "Добавить отладочные отметки времени"
@@ -688,95 +738,95 @@ msgstr "Добавить отладочные отметки времени"
msgid "An open file descriptor for the debug logs"
msgstr "Открытый дескриптор файла для журналов отладки"
-#: src/providers/data_provider_be.c:1226
+#: src/providers/data_provider_be.c:1196
msgid "Domain of the information provider (mandatory)"
msgstr "Домен поставщика информации (обязательный)"
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:820
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:825
+#: src/sss_client/common.c:823
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:826
#, fuzzy
msgid "Unexpected format of the server credential message."
msgstr "Расположения кэша учётных данных пользователей"
-#: src/sss_client/common.c:831
+#: src/sss_client/common.c:829
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:836
+#: src/sss_client/common.c:834
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:842
+#: src/sss_client/common.c:840
msgid "Unexpected error while looking for an error description"
msgstr ""
-#: src/sss_client/pam_sss.c:378
+#: src/sss_client/pam_sss.c:374
msgid "Passwords do not match"
msgstr "Пароли не совпадают"
-#: src/sss_client/pam_sss.c:571
+#: src/sss_client/pam_sss.c:567
msgid "Password reset by root is not supported."
msgstr ""
-#: src/sss_client/pam_sss.c:612
+#: src/sss_client/pam_sss.c:608
msgid "Authenticated with cached credentials"
msgstr ""
-#: src/sss_client/pam_sss.c:613
+#: src/sss_client/pam_sss.c:609
msgid ", your cached password will expire at: "
msgstr ", срок действия вашего кэшированного пароль истечёт:"
-#: src/sss_client/pam_sss.c:643
+#: src/sss_client/pam_sss.c:639
#, c-format
msgid "Your password has expired. You have %d grace login(s) remaining."
msgstr ""
-#: src/sss_client/pam_sss.c:689
+#: src/sss_client/pam_sss.c:685
#, fuzzy, c-format
msgid "Your password will expire in %d %s."
msgstr ", срок действия вашего кэшированного пароль истечёт:"
-#: src/sss_client/pam_sss.c:738
+#: src/sss_client/pam_sss.c:734
#, fuzzy
msgid "Authentication is denied until: "
msgstr "Автономная проверка подлинности, проверка подлинности запрещена до:"
-#: src/sss_client/pam_sss.c:765
+#: src/sss_client/pam_sss.c:761
msgid "System is offline, password change not possible"
msgstr "Система находится в автономном режиме, невозможно сменить пароль"
-#: src/sss_client/pam_sss.c:795 src/sss_client/pam_sss.c:808
+#: src/sss_client/pam_sss.c:791 src/sss_client/pam_sss.c:804
msgid "Password change failed. "
msgstr "Не удалось сменить пароль."
-#: src/sss_client/pam_sss.c:798 src/sss_client/pam_sss.c:809
+#: src/sss_client/pam_sss.c:794 src/sss_client/pam_sss.c:805
msgid "Server message: "
msgstr "Сообщение сервера:"
-#: src/sss_client/pam_sss.c:1212
+#: src/sss_client/pam_sss.c:1208
msgid "New Password: "
msgstr "Новый пароль:"
-#: src/sss_client/pam_sss.c:1213
+#: src/sss_client/pam_sss.c:1209
msgid "Reenter new Password: "
msgstr "Введите новый пароль ещё раз:"
-#: src/sss_client/pam_sss.c:1295
+#: src/sss_client/pam_sss.c:1291
msgid "Password: "
msgstr "Пароль:"
-#: src/sss_client/pam_sss.c:1327
+#: src/sss_client/pam_sss.c:1323
msgid "Current Password: "
msgstr "Текущий пароль:"
-#: src/sss_client/pam_sss.c:1473
+#: src/sss_client/pam_sss.c:1469
msgid "Password expired. Change your password now."
msgstr "Срок действия пароля истёк. Необходимо сейчас изменить ваш пароль."
@@ -1199,7 +1249,7 @@ msgstr "Недостаточно памяти\n"
msgid "%s must be run as root\n"
msgstr "%s должно выполняться от имени root\n"
-#: src/util/util.h:67
+#: src/util/util.h:69
msgid "Send the debug output to files instead of stderr"
msgstr "Отправлять отладочные сообщения в файлы, а не в stderr"
diff --git a/po/sssd.pot b/po/sssd.pot
index 0ffaeae30..d3ee76a54 100644
--- a/po/sssd.pot
+++ b/po/sssd.pot
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-04-27 11:41-0400\n"
+"POT-Creation-Date: 2011-08-02 15:55-0400\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -89,552 +89,600 @@ msgstr ""
msgid "The value of the password field the NSS provider should return"
msgstr ""
+#: src/config/SSSDConfig.py:61
+msgid "Override homedir value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:62
+msgid "The list of shells users are allowed to log in with"
+msgstr ""
+
#: src/config/SSSDConfig.py:63
-msgid "How long to allow cached logins between online logins (days)"
+msgid ""
+"The list of shells that will be vetoed, and replaced with the fallback shell"
msgstr ""
#: src/config/SSSDConfig.py:64
+msgid ""
+"If a shell stored in central directory is allowed but not available, use "
+"this fallback"
+msgstr ""
+
+#: src/config/SSSDConfig.py:67
+msgid "How long to allow cached logins between online logins (days)"
+msgstr ""
+
+#: src/config/SSSDConfig.py:68
msgid "How many failed logins attempts are allowed when offline"
msgstr ""
-#: src/config/SSSDConfig.py:65
+#: src/config/SSSDConfig.py:69
msgid ""
"How long (minutes) to deny login after offline_failed_login_attempts has "
"been reached"
msgstr ""
-#: src/config/SSSDConfig.py:66
+#: src/config/SSSDConfig.py:70
msgid "What kind of messages are displayed to the user during authentication"
msgstr ""
-#: src/config/SSSDConfig.py:67
+#: src/config/SSSDConfig.py:71
msgid "How many seconds to keep identity information cached for PAM requests"
msgstr ""
-#: src/config/SSSDConfig.py:68
+#: src/config/SSSDConfig.py:72
msgid "How many days before password expiration a warning should be displayed"
msgstr ""
-#: src/config/SSSDConfig.py:71
+#: src/config/SSSDConfig.py:75
msgid "Identity provider"
msgstr ""
-#: src/config/SSSDConfig.py:72
+#: src/config/SSSDConfig.py:76
msgid "Authentication provider"
msgstr ""
-#: src/config/SSSDConfig.py:73
+#: src/config/SSSDConfig.py:77
msgid "Access control provider"
msgstr ""
-#: src/config/SSSDConfig.py:74
+#: src/config/SSSDConfig.py:78
msgid "Password change provider"
msgstr ""
-#: src/config/SSSDConfig.py:77
+#: src/config/SSSDConfig.py:81
msgid "Minimum user ID"
msgstr ""
-#: src/config/SSSDConfig.py:78
+#: src/config/SSSDConfig.py:82
msgid "Maximum user ID"
msgstr ""
-#: src/config/SSSDConfig.py:79
+#: src/config/SSSDConfig.py:83
msgid "Enable enumerating all users/groups"
msgstr ""
-#: src/config/SSSDConfig.py:80
+#: src/config/SSSDConfig.py:84
msgid "Cache credentials for offline login"
msgstr ""
-#: src/config/SSSDConfig.py:81
+#: src/config/SSSDConfig.py:85
msgid "Store password hashes"
msgstr ""
-#: src/config/SSSDConfig.py:82
+#: src/config/SSSDConfig.py:86
msgid "Display users/groups in fully-qualified form"
msgstr ""
-#: src/config/SSSDConfig.py:83
+#: src/config/SSSDConfig.py:87
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig.py:84
+#: src/config/SSSDConfig.py:88
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig.py:85
+#: src/config/SSSDConfig.py:89
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig.py:86
+#: src/config/SSSDConfig.py:90
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig.py:87
+#: src/config/SSSDConfig.py:91
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig.py:90
+#: src/config/SSSDConfig.py:92
+msgid "Override GID value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:95
msgid "IPA domain"
msgstr ""
-#: src/config/SSSDConfig.py:91
+#: src/config/SSSDConfig.py:96
msgid "IPA server address"
msgstr ""
-#: src/config/SSSDConfig.py:92
+#: src/config/SSSDConfig.py:97
msgid "IPA client hostname"
msgstr ""
-#: src/config/SSSDConfig.py:93
+#: src/config/SSSDConfig.py:98
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig.py:94
+#: src/config/SSSDConfig.py:99
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig.py:95
+#: src/config/SSSDConfig.py:100
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig.py:98 src/config/SSSDConfig.py:99
+#: src/config/SSSDConfig.py:101
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig.py:102
+msgid "If DENY rules are present, either DENY_ALL or IGNORE"
+msgstr ""
+
+#: src/config/SSSDConfig.py:105 src/config/SSSDConfig.py:106
msgid "Kerberos server address"
msgstr ""
-#: src/config/SSSDConfig.py:100
+#: src/config/SSSDConfig.py:107
msgid "Kerberos realm"
msgstr ""
-#: src/config/SSSDConfig.py:101
+#: src/config/SSSDConfig.py:108
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig.py:104
+#: src/config/SSSDConfig.py:111
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig.py:105
+#: src/config/SSSDConfig.py:112
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig.py:106
+#: src/config/SSSDConfig.py:113
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig.py:107
+#: src/config/SSSDConfig.py:114
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig.py:108
+#: src/config/SSSDConfig.py:115
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig.py:109
+#: src/config/SSSDConfig.py:116
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig.py:110
+#: src/config/SSSDConfig.py:117
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig.py:111
+#: src/config/SSSDConfig.py:118
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig.py:112
+#: src/config/SSSDConfig.py:119
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig.py:115
+#: src/config/SSSDConfig.py:122
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig.py:118
+#: src/config/SSSDConfig.py:125
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig.py:119
+#: src/config/SSSDConfig.py:126
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig.py:120
+#: src/config/SSSDConfig.py:127
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig.py:121
+#: src/config/SSSDConfig.py:128
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig.py:122
+#: src/config/SSSDConfig.py:129
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig.py:123
+#: src/config/SSSDConfig.py:130
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig.py:124
+#: src/config/SSSDConfig.py:131
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig.py:125
+#: src/config/SSSDConfig.py:132
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig.py:126
+#: src/config/SSSDConfig.py:133
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig.py:127
+#: src/config/SSSDConfig.py:134
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig.py:128
+#: src/config/SSSDConfig.py:135
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig.py:129
+#: src/config/SSSDConfig.py:136
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig.py:130
+#: src/config/SSSDConfig.py:137
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig.py:131
+#: src/config/SSSDConfig.py:138
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig.py:132
+#: src/config/SSSDConfig.py:139
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig.py:133
+#: src/config/SSSDConfig.py:140
msgid "Require TLS certificate verification"
msgstr ""
-#: src/config/SSSDConfig.py:134
+#: src/config/SSSDConfig.py:141
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig.py:135
+#: src/config/SSSDConfig.py:142
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig.py:136
+#: src/config/SSSDConfig.py:143
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig.py:137
+#: src/config/SSSDConfig.py:144
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig.py:138
+#: src/config/SSSDConfig.py:145
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig.py:139
+#: src/config/SSSDConfig.py:146
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig.py:140
+#: src/config/SSSDConfig.py:147
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig.py:141
+#: src/config/SSSDConfig.py:148
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig.py:142
+#: src/config/SSSDConfig.py:149
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig.py:143
+#: src/config/SSSDConfig.py:150
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig.py:145
+#: src/config/SSSDConfig.py:151
+msgid "The number of members that must be missing to trigger a full deref"
+msgstr ""
+
+#: src/config/SSSDConfig.py:153
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig.py:146
+#: src/config/SSSDConfig.py:154
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig.py:149
+#: src/config/SSSDConfig.py:157
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig.py:150
+#: src/config/SSSDConfig.py:158
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig.py:151
+#: src/config/SSSDConfig.py:159
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig.py:152
+#: src/config/SSSDConfig.py:160
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig.py:153
+#: src/config/SSSDConfig.py:161
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig.py:154
+#: src/config/SSSDConfig.py:162
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig.py:155
+#: src/config/SSSDConfig.py:163
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig.py:156
+#: src/config/SSSDConfig.py:164
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig.py:157
+#: src/config/SSSDConfig.py:165
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig.py:158
+#: src/config/SSSDConfig.py:166
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig.py:160
+#: src/config/SSSDConfig.py:168
msgid "UID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:161
+#: src/config/SSSDConfig.py:169
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:162
+#: src/config/SSSDConfig.py:170
msgid "GECOS attribute"
msgstr ""
-#: src/config/SSSDConfig.py:163
+#: src/config/SSSDConfig.py:171
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig.py:164
+#: src/config/SSSDConfig.py:172
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig.py:165
+#: src/config/SSSDConfig.py:173
msgid "UUID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:166
+#: src/config/SSSDConfig.py:174
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig.py:167
+#: src/config/SSSDConfig.py:175
msgid "Full Name"
msgstr ""
-#: src/config/SSSDConfig.py:168
+#: src/config/SSSDConfig.py:176
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig.py:169
+#: src/config/SSSDConfig.py:177
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig.py:171
+#: src/config/SSSDConfig.py:179
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig.py:172
+#: src/config/SSSDConfig.py:180
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig.py:173
+#: src/config/SSSDConfig.py:181
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig.py:174
+#: src/config/SSSDConfig.py:182
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig.py:175
+#: src/config/SSSDConfig.py:183
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig.py:176
+#: src/config/SSSDConfig.py:184
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig.py:177
+#: src/config/SSSDConfig.py:185
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig.py:178
+#: src/config/SSSDConfig.py:186
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig.py:179
+#: src/config/SSSDConfig.py:187
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig.py:180
+#: src/config/SSSDConfig.py:188
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig.py:181
+#: src/config/SSSDConfig.py:189
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig.py:182
+#: src/config/SSSDConfig.py:190
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig.py:183
+#: src/config/SSSDConfig.py:191
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig.py:184
+#: src/config/SSSDConfig.py:192
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig.py:185
+#: src/config/SSSDConfig.py:193
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig.py:187
+#: src/config/SSSDConfig.py:194
+msgid "loginDisabled attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig.py:195
+msgid "loginExpirationTime attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig.py:196
+msgid "loginAllowedTimeMap attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig.py:198
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig.py:190
+#: src/config/SSSDConfig.py:201
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig.py:191
+#: src/config/SSSDConfig.py:202
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig.py:192
+#: src/config/SSSDConfig.py:203
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig.py:193
+#: src/config/SSSDConfig.py:204
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:194
+#: src/config/SSSDConfig.py:205
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig.py:195
+#: src/config/SSSDConfig.py:206
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:196
+#: src/config/SSSDConfig.py:207
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig.py:198
+#: src/config/SSSDConfig.py:209
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig.py:200
+#: src/config/SSSDConfig.py:211
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig.py:201
+#: src/config/SSSDConfig.py:212
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig.py:202
+#: src/config/SSSDConfig.py:213
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig.py:203
+#: src/config/SSSDConfig.py:214
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig.py:204
+#: src/config/SSSDConfig.py:215
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig.py:205
+#: src/config/SSSDConfig.py:216
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig.py:206
+#: src/config/SSSDConfig.py:217
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig.py:209
+#: src/config/SSSDConfig.py:220
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig.py:212
+#: src/config/SSSDConfig.py:223
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig.py:213
+#: src/config/SSSDConfig.py:224
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig.py:214
+#: src/config/SSSDConfig.py:225
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig.py:217
+#: src/config/SSSDConfig.py:228
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig.py:218
+#: src/config/SSSDConfig.py:229
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig.py:221
+#: src/config/SSSDConfig.py:232
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig.py:222
+#: src/config/SSSDConfig.py:233
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig.py:225
+#: src/config/SSSDConfig.py:236
msgid "Default shell, /bin/bash"
msgstr ""
-#: src/config/SSSDConfig.py:226
+#: src/config/SSSDConfig.py:237
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig.py:229
+#: src/config/SSSDConfig.py:240
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig.py:232
+#: src/config/SSSDConfig.py:243
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2245
+#: src/monitor/monitor.c:2316
msgid "Become a daemon (default)"
msgstr ""
-#: src/monitor/monitor.c:2247
+#: src/monitor/monitor.c:2318
msgid "Run interactive (not a daemon)"
msgstr ""
-#: src/monitor/monitor.c:2249
+#: src/monitor/monitor.c:2320
msgid "Specify a non-default config file"
msgstr ""
#: src/providers/krb5/krb5_child.c:1554 src/providers/ldap/ldap_child.c:360
-#: src/util/util.h:65
+#: src/util/util.h:67
msgid "Debug level"
msgstr ""
#: src/providers/krb5/krb5_child.c:1556 src/providers/ldap/ldap_child.c:362
-#: src/util/util.h:69
+#: src/util/util.h:71
msgid "Add debug timestamps"
msgstr ""
@@ -642,93 +690,93 @@ msgstr ""
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:1226
+#: src/providers/data_provider_be.c:1196
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:820
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:825
+#: src/sss_client/common.c:823
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:826
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:831
+#: src/sss_client/common.c:829
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:836
+#: src/sss_client/common.c:834
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:842
+#: src/sss_client/common.c:840
msgid "Unexpected error while looking for an error description"
msgstr ""
-#: src/sss_client/pam_sss.c:378
+#: src/sss_client/pam_sss.c:374
msgid "Passwords do not match"
msgstr ""
-#: src/sss_client/pam_sss.c:571
+#: src/sss_client/pam_sss.c:567
msgid "Password reset by root is not supported."
msgstr ""
-#: src/sss_client/pam_sss.c:612
+#: src/sss_client/pam_sss.c:608
msgid "Authenticated with cached credentials"
msgstr ""
-#: src/sss_client/pam_sss.c:613
+#: src/sss_client/pam_sss.c:609
msgid ", your cached password will expire at: "
msgstr ""
-#: src/sss_client/pam_sss.c:643
+#: src/sss_client/pam_sss.c:639
#, c-format
msgid "Your password has expired. You have %d grace login(s) remaining."
msgstr ""
-#: src/sss_client/pam_sss.c:689
+#: src/sss_client/pam_sss.c:685
#, c-format
msgid "Your password will expire in %d %s."
msgstr ""
-#: src/sss_client/pam_sss.c:738
+#: src/sss_client/pam_sss.c:734
msgid "Authentication is denied until: "
msgstr ""
-#: src/sss_client/pam_sss.c:765
+#: src/sss_client/pam_sss.c:761
msgid "System is offline, password change not possible"
msgstr ""
-#: src/sss_client/pam_sss.c:795 src/sss_client/pam_sss.c:808
+#: src/sss_client/pam_sss.c:791 src/sss_client/pam_sss.c:804
msgid "Password change failed. "
msgstr ""
-#: src/sss_client/pam_sss.c:798 src/sss_client/pam_sss.c:809
+#: src/sss_client/pam_sss.c:794 src/sss_client/pam_sss.c:805
msgid "Server message: "
msgstr ""
-#: src/sss_client/pam_sss.c:1212
+#: src/sss_client/pam_sss.c:1208
msgid "New Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1213
+#: src/sss_client/pam_sss.c:1209
msgid "Reenter new Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1295
+#: src/sss_client/pam_sss.c:1291
msgid "Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1327
+#: src/sss_client/pam_sss.c:1323
msgid "Current Password: "
msgstr ""
-#: src/sss_client/pam_sss.c:1473
+#: src/sss_client/pam_sss.c:1469
msgid "Password expired. Change your password now."
msgstr ""
@@ -1126,6 +1174,6 @@ msgstr ""
msgid "%s must be run as root\n"
msgstr ""
-#: src/util/util.h:67
+#: src/util/util.h:69
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/sv.po b/po/sv.po
index 67e3ca012..787e3016f 100644
--- a/po/sv.po
+++ b/po/sv.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sss_server\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-04-27 11:41-0400\n"
+"POT-Creation-Date: 2011-08-02 15:55-0400\n"
"PO-Revision-Date: 2009-12-30 17:58+0100\n"
"Last-Translator: Göran Uddeborg <goeran@uddeborg.se>\n"
"Language-Team: Swedish <tp-sv@listor.tp-sv.se>\n"
@@ -89,589 +89,639 @@ msgstr "Skall filtrerade användare förekomma i grupper"
msgid "The value of the password field the NSS provider should return"
msgstr "Värdet på lösenordfältet som NSS-leverantörer skall returnera"
+#: src/config/SSSDConfig.py:61
+msgid "Override homedir value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:62
+msgid "The list of shells users are allowed to log in with"
+msgstr ""
+
#: src/config/SSSDConfig.py:63
+msgid ""
+"The list of shells that will be vetoed, and replaced with the fallback shell"
+msgstr ""
+
+#: src/config/SSSDConfig.py:64
+msgid ""
+"If a shell stored in central directory is allowed but not available, use "
+"this fallback"
+msgstr ""
+
+#: src/config/SSSDConfig.py:67
msgid "How long to allow cached logins between online logins (days)"
msgstr ""
"Hur länge sparade inloggningar tillåts mellan online-inloggningar (dagar)"
-#: src/config/SSSDConfig.py:64
+#: src/config/SSSDConfig.py:68
msgid "How many failed logins attempts are allowed when offline"
msgstr ""
-#: src/config/SSSDConfig.py:65
+#: src/config/SSSDConfig.py:69
msgid ""
"How long (minutes) to deny login after offline_failed_login_attempts has "
"been reached"
msgstr ""
-#: src/config/SSSDConfig.py:66
+#: src/config/SSSDConfig.py:70
msgid "What kind of messages are displayed to the user during authentication"
msgstr ""
-#: src/config/SSSDConfig.py:67
+#: src/config/SSSDConfig.py:71
msgid "How many seconds to keep identity information cached for PAM requests"
msgstr ""
-#: src/config/SSSDConfig.py:68
+#: src/config/SSSDConfig.py:72
msgid "How many days before password expiration a warning should be displayed"
msgstr ""
-#: src/config/SSSDConfig.py:71
+#: src/config/SSSDConfig.py:75
msgid "Identity provider"
msgstr "Identifiera leverantör"
-#: src/config/SSSDConfig.py:72
+#: src/config/SSSDConfig.py:76
msgid "Authentication provider"
msgstr "Autentiseringsleverantör"
-#: src/config/SSSDConfig.py:73
+#: src/config/SSSDConfig.py:77
msgid "Access control provider"
msgstr "Leverantör av åtkomstkontroll"
-#: src/config/SSSDConfig.py:74
+#: src/config/SSSDConfig.py:78
msgid "Password change provider"
msgstr "Leverantör av lösenordsändringar"
-#: src/config/SSSDConfig.py:77
+#: src/config/SSSDConfig.py:81
msgid "Minimum user ID"
msgstr "Minsta användar-ID"
-#: src/config/SSSDConfig.py:78
+#: src/config/SSSDConfig.py:82
msgid "Maximum user ID"
msgstr "Största användar-ID"
-#: src/config/SSSDConfig.py:79
+#: src/config/SSSDConfig.py:83
msgid "Enable enumerating all users/groups"
msgstr "Aktivera uppräkning av alla användare/grupper"
-#: src/config/SSSDConfig.py:80
+#: src/config/SSSDConfig.py:84
msgid "Cache credentials for offline login"
msgstr "Cache-kreditiv för frånkopplad inloggning"
-#: src/config/SSSDConfig.py:81
+#: src/config/SSSDConfig.py:85
msgid "Store password hashes"
msgstr "Lagra lösenords-kontrollsummor"
-#: src/config/SSSDConfig.py:82
+#: src/config/SSSDConfig.py:86
msgid "Display users/groups in fully-qualified form"
msgstr "Visa användare/grupper i fullständigt kvalificerat format"
-#: src/config/SSSDConfig.py:83
+#: src/config/SSSDConfig.py:87
msgid "Entry cache timeout length (seconds)"
msgstr "Tidsgränslängd för postcache (sekunder)"
-#: src/config/SSSDConfig.py:84
+#: src/config/SSSDConfig.py:88
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig.py:85
+#: src/config/SSSDConfig.py:89
#, fuzzy
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
"Hur länge sparade inloggningar tillåts mellan online-inloggningar (dagar)"
-#: src/config/SSSDConfig.py:86
+#: src/config/SSSDConfig.py:90
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig.py:87
+#: src/config/SSSDConfig.py:91
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig.py:90
+#: src/config/SSSDConfig.py:92
+msgid "Override GID value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:95
msgid "IPA domain"
msgstr "IPA-domän"
-#: src/config/SSSDConfig.py:91
+#: src/config/SSSDConfig.py:96
msgid "IPA server address"
msgstr "IPA-serveradress"
-#: src/config/SSSDConfig.py:92
+#: src/config/SSSDConfig.py:97
msgid "IPA client hostname"
msgstr "IPA-klienvärdnamn"
-#: src/config/SSSDConfig.py:93
+#: src/config/SSSDConfig.py:98
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig.py:94
+#: src/config/SSSDConfig.py:99
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig.py:95
+#: src/config/SSSDConfig.py:100
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig.py:98 src/config/SSSDConfig.py:99
+#: src/config/SSSDConfig.py:101
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig.py:102
+msgid "If DENY rules are present, either DENY_ALL or IGNORE"
+msgstr ""
+
+#: src/config/SSSDConfig.py:105 src/config/SSSDConfig.py:106
msgid "Kerberos server address"
msgstr "Kerberosserveradress"
-#: src/config/SSSDConfig.py:100
+#: src/config/SSSDConfig.py:107
msgid "Kerberos realm"
msgstr "Kerberosrike"
-#: src/config/SSSDConfig.py:101
+#: src/config/SSSDConfig.py:108
msgid "Authentication timeout"
msgstr "Autentiseringstidsgräns"
-#: src/config/SSSDConfig.py:104
+#: src/config/SSSDConfig.py:111
msgid "Directory to store credential caches"
msgstr "Katalog att lagra kreditiv-cachar i"
-#: src/config/SSSDConfig.py:105
+#: src/config/SSSDConfig.py:112
msgid "Location of the user's credential cache"
msgstr "Plats för användarens kreditiv-cache"
-#: src/config/SSSDConfig.py:106
+#: src/config/SSSDConfig.py:113
msgid "Location of the keytab to validate credentials"
msgstr "Plats för nyckeltabellen för att validera kreditiv"
-#: src/config/SSSDConfig.py:107
+#: src/config/SSSDConfig.py:114
msgid "Enable credential validation"
msgstr "Aktivera validering av kreditiv"
-#: src/config/SSSDConfig.py:108
+#: src/config/SSSDConfig.py:115
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig.py:109
+#: src/config/SSSDConfig.py:116
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig.py:110
+#: src/config/SSSDConfig.py:117
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig.py:111
+#: src/config/SSSDConfig.py:118
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig.py:112
+#: src/config/SSSDConfig.py:119
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig.py:115
+#: src/config/SSSDConfig.py:122
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig.py:118
+#: src/config/SSSDConfig.py:125
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, URI:n för LDAP-servern"
-#: src/config/SSSDConfig.py:119
+#: src/config/SSSDConfig.py:126
msgid "The default base DN"
msgstr "Standard bas-DN"
-#: src/config/SSSDConfig.py:120
+#: src/config/SSSDConfig.py:127
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Schematypen som används i LDAP-servern, rfc2307"
-#: src/config/SSSDConfig.py:121
+#: src/config/SSSDConfig.py:128
msgid "The default bind DN"
msgstr "Standard bindnings-DN"
-#: src/config/SSSDConfig.py:122
+#: src/config/SSSDConfig.py:129
msgid "The type of the authentication token of the default bind DN"
msgstr "Typen på autenticerings-token för standard bindnings-DN"
-#: src/config/SSSDConfig.py:123
+#: src/config/SSSDConfig.py:130
msgid "The authentication token of the default bind DN"
msgstr "Autenticerings-token för standard bindnings-DN"
-#: src/config/SSSDConfig.py:124
+#: src/config/SSSDConfig.py:131
msgid "Length of time to attempt connection"
msgstr "Tidslängd att försöka ansluta"
-#: src/config/SSSDConfig.py:125
+#: src/config/SSSDConfig.py:132
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Tidslängd att försök synkrona LDAP-operationer"
-#: src/config/SSSDConfig.py:126
+#: src/config/SSSDConfig.py:133
msgid "Length of time between attempts to reconnect while offline"
msgstr "Tidslängd mellan försök att återansluta under frånkoppling"
-#: src/config/SSSDConfig.py:127
+#: src/config/SSSDConfig.py:134
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig.py:128
+#: src/config/SSSDConfig.py:135
#, fuzzy
msgid "File that contains CA certificates"
msgstr "fil som innehåller CA-certifikat"
-#: src/config/SSSDConfig.py:129
+#: src/config/SSSDConfig.py:136
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig.py:130
+#: src/config/SSSDConfig.py:137
#, fuzzy
msgid "File that contains the client certificate"
msgstr "fil som innehåller CA-certifikat"
-#: src/config/SSSDConfig.py:131
+#: src/config/SSSDConfig.py:138
#, fuzzy
msgid "File that contains the client key"
msgstr "fil som innehåller CA-certifikat"
-#: src/config/SSSDConfig.py:132
+#: src/config/SSSDConfig.py:139
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig.py:133
+#: src/config/SSSDConfig.py:140
msgid "Require TLS certificate verification"
msgstr "Kräv TLS-certifikatverifiering"
-#: src/config/SSSDConfig.py:134
+#: src/config/SSSDConfig.py:141
msgid "Specify the sasl mechanism to use"
msgstr "Ange sasl-mekanismen att använda"
-#: src/config/SSSDConfig.py:135
+#: src/config/SSSDConfig.py:142
msgid "Specify the sasl authorization id to use"
msgstr "Ange sasl-auktorisering-id att använda"
-#: src/config/SSSDConfig.py:136
+#: src/config/SSSDConfig.py:143
#, fuzzy
msgid "Specify the sasl authorization realm to use"
msgstr "Ange sasl-auktorisering-id att använda"
-#: src/config/SSSDConfig.py:137
+#: src/config/SSSDConfig.py:144
msgid "Kerberos service keytab"
msgstr "Kerberostjänstens nyckeltabell"
-#: src/config/SSSDConfig.py:138
+#: src/config/SSSDConfig.py:145
msgid "Use Kerberos auth for LDAP connection"
msgstr "Avnänd Kerberosautenticering för LDAP-anslutning"
-#: src/config/SSSDConfig.py:139
+#: src/config/SSSDConfig.py:146
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig.py:140
+#: src/config/SSSDConfig.py:147
#, fuzzy
msgid "Lifetime of TGT for LDAP connection"
msgstr "Avnänd Kerberosautenticering för LDAP-anslutning"
-#: src/config/SSSDConfig.py:141
+#: src/config/SSSDConfig.py:148
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig.py:142
+#: src/config/SSSDConfig.py:149
#, fuzzy
msgid "Service name for DNS service lookups"
msgstr "Filter för användaruppslagningar"
-#: src/config/SSSDConfig.py:143
+#: src/config/SSSDConfig.py:150
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig.py:145
+#: src/config/SSSDConfig.py:151
+msgid "The number of members that must be missing to trigger a full deref"
+msgstr ""
+
+#: src/config/SSSDConfig.py:153
#, fuzzy
msgid "entryUSN attribute"
msgstr "UID-attribut"
-#: src/config/SSSDConfig.py:146
+#: src/config/SSSDConfig.py:154
#, fuzzy
msgid "lastUSN attribute"
msgstr "UID-attribut"
-#: src/config/SSSDConfig.py:149
+#: src/config/SSSDConfig.py:157
msgid "Length of time to wait for a search request"
msgstr "Tidslängd att vänta på en sökbegäran"
-#: src/config/SSSDConfig.py:150
+#: src/config/SSSDConfig.py:158
#, fuzzy
msgid "Length of time to wait for a enumeration request"
msgstr "Tidslängd att vänta på en sökbegäran"
-#: src/config/SSSDConfig.py:151
+#: src/config/SSSDConfig.py:159
msgid "Length of time between enumeration updates"
msgstr "Tidslängd mellan uppräkningsuppdateringar"
-#: src/config/SSSDConfig.py:152
+#: src/config/SSSDConfig.py:160
#, fuzzy
msgid "Length of time between cache cleanups"
msgstr "Tidslängd mellan uppräkningsuppdateringar"
-#: src/config/SSSDConfig.py:153
+#: src/config/SSSDConfig.py:161
#, fuzzy
msgid "Require TLS for ID lookups"
msgstr "Kräv TLS för ID-uppslagningar, falsk"
-#: src/config/SSSDConfig.py:154
+#: src/config/SSSDConfig.py:162
msgid "Base DN for user lookups"
msgstr "Bas-DN för användaruppslagningar"
-#: src/config/SSSDConfig.py:155
+#: src/config/SSSDConfig.py:163
msgid "Scope of user lookups"
msgstr "Omfång av användaruppslagningar"
-#: src/config/SSSDConfig.py:156
+#: src/config/SSSDConfig.py:164
msgid "Filter for user lookups"
msgstr "Filter för användaruppslagningar"
-#: src/config/SSSDConfig.py:157
+#: src/config/SSSDConfig.py:165
msgid "Objectclass for users"
msgstr "Objektklass för användare"
-#: src/config/SSSDConfig.py:158
+#: src/config/SSSDConfig.py:166
msgid "Username attribute"
msgstr "Användarnamnsattribut"
-#: src/config/SSSDConfig.py:160
+#: src/config/SSSDConfig.py:168
msgid "UID attribute"
msgstr "UID-attribut"
-#: src/config/SSSDConfig.py:161
+#: src/config/SSSDConfig.py:169
msgid "Primary GID attribute"
msgstr "Primärt GID-attribut"
-#: src/config/SSSDConfig.py:162
+#: src/config/SSSDConfig.py:170
msgid "GECOS attribute"
msgstr "GECOS-attribut"
-#: src/config/SSSDConfig.py:163
+#: src/config/SSSDConfig.py:171
msgid "Home directory attribute"
msgstr "Hemkatalogattribut"
-#: src/config/SSSDConfig.py:164
+#: src/config/SSSDConfig.py:172
msgid "Shell attribute"
msgstr "Skalattribut"
-#: src/config/SSSDConfig.py:165
+#: src/config/SSSDConfig.py:173
msgid "UUID attribute"
msgstr "UUID-attribut"
-#: src/config/SSSDConfig.py:166
+#: src/config/SSSDConfig.py:174
msgid "User principal attribute (for Kerberos)"
msgstr "Användarens huvudmansattribut (för Kerberos)"
-#: src/config/SSSDConfig.py:167
+#: src/config/SSSDConfig.py:175
msgid "Full Name"
msgstr "Fullständigt namn"
-#: src/config/SSSDConfig.py:168
+#: src/config/SSSDConfig.py:176
msgid "memberOf attribute"
msgstr "medlemAv-attribut"
-#: src/config/SSSDConfig.py:169
+#: src/config/SSSDConfig.py:177
msgid "Modification time attribute"
msgstr "Modifieringstidsattribut"
-#: src/config/SSSDConfig.py:171
+#: src/config/SSSDConfig.py:179
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig.py:172
+#: src/config/SSSDConfig.py:180
#, fuzzy
msgid "shadowMin attribute"
msgstr "Användarnamnsattribut"
-#: src/config/SSSDConfig.py:173
+#: src/config/SSSDConfig.py:181
#, fuzzy
msgid "shadowMax attribute"
msgstr "Användarnamnsattribut"
-#: src/config/SSSDConfig.py:174
+#: src/config/SSSDConfig.py:182
#, fuzzy
msgid "shadowWarning attribute"
msgstr "Användarnamnsattribut"
-#: src/config/SSSDConfig.py:175
+#: src/config/SSSDConfig.py:183
#, fuzzy
msgid "shadowInactive attribute"
msgstr "Användarnamnsattribut"
-#: src/config/SSSDConfig.py:176
+#: src/config/SSSDConfig.py:184
#, fuzzy
msgid "shadowExpire attribute"
msgstr "Användarnamnsattribut"
-#: src/config/SSSDConfig.py:177
+#: src/config/SSSDConfig.py:185
#, fuzzy
msgid "shadowFlag attribute"
msgstr "Skalattribut"
-#: src/config/SSSDConfig.py:178
+#: src/config/SSSDConfig.py:186
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig.py:179
+#: src/config/SSSDConfig.py:187
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig.py:180
+#: src/config/SSSDConfig.py:188
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig.py:181
+#: src/config/SSSDConfig.py:189
#, fuzzy
msgid "krbPasswordExpiration attribute"
msgstr "Modifieringstidsattribut"
-#: src/config/SSSDConfig.py:182
+#: src/config/SSSDConfig.py:190
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig.py:183
+#: src/config/SSSDConfig.py:191
#, fuzzy
msgid "accountExpires attribute of AD"
msgstr "Användarnamnsattribut"
-#: src/config/SSSDConfig.py:184
+#: src/config/SSSDConfig.py:192
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig.py:185
+#: src/config/SSSDConfig.py:193
#, fuzzy
msgid "nsAccountLock attribute"
msgstr "Användarnamnsattribut"
-#: src/config/SSSDConfig.py:187
+#: src/config/SSSDConfig.py:194
+#, fuzzy
+msgid "loginDisabled attribute of NDS"
+msgstr "Användarnamnsattribut"
+
+#: src/config/SSSDConfig.py:195
+#, fuzzy
+msgid "loginExpirationTime attribute of NDS"
+msgstr "Användarnamnsattribut"
+
+#: src/config/SSSDConfig.py:196
+msgid "loginAllowedTimeMap attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig.py:198
#, fuzzy
msgid "Base DN for group lookups"
msgstr "Bas-DN för användaruppslagningar"
-#: src/config/SSSDConfig.py:190
+#: src/config/SSSDConfig.py:201
#, fuzzy
msgid "Objectclass for groups"
msgstr "Objektklass för användare"
-#: src/config/SSSDConfig.py:191
+#: src/config/SSSDConfig.py:202
#, fuzzy
msgid "Group name"
msgstr "Grupper"
-#: src/config/SSSDConfig.py:192
+#: src/config/SSSDConfig.py:203
#, fuzzy
msgid "Group password"
msgstr "Grupper"
-#: src/config/SSSDConfig.py:193
+#: src/config/SSSDConfig.py:204
#, fuzzy
msgid "GID attribute"
msgstr "UID-attribut"
-#: src/config/SSSDConfig.py:194
+#: src/config/SSSDConfig.py:205
#, fuzzy
msgid "Group member attribute"
msgstr "medlemAv-attribut"
-#: src/config/SSSDConfig.py:195
+#: src/config/SSSDConfig.py:206
#, fuzzy
msgid "Group UUID attribute"
msgstr "UUID-attribut"
-#: src/config/SSSDConfig.py:196
+#: src/config/SSSDConfig.py:207
#, fuzzy
msgid "Modification time attribute for groups"
msgstr "Modifieringstidsattribut"
-#: src/config/SSSDConfig.py:198
+#: src/config/SSSDConfig.py:209
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig.py:200
+#: src/config/SSSDConfig.py:211
#, fuzzy
msgid "Base DN for netgroup lookups"
msgstr "Bas-DN för användaruppslagningar"
-#: src/config/SSSDConfig.py:201
+#: src/config/SSSDConfig.py:212
#, fuzzy
msgid "Objectclass for netgroups"
msgstr "Objektklass för användare"
-#: src/config/SSSDConfig.py:202
+#: src/config/SSSDConfig.py:213
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig.py:203
+#: src/config/SSSDConfig.py:214
#, fuzzy
msgid "Netgroups members attribute"
msgstr "medlemAv-attribut"
-#: src/config/SSSDConfig.py:204
+#: src/config/SSSDConfig.py:215
#, fuzzy
msgid "Netgroup triple attribute"
msgstr "Modifieringstidsattribut"
-#: src/config/SSSDConfig.py:205
+#: src/config/SSSDConfig.py:216
#, fuzzy
msgid "Netgroup UUID attribute"
msgstr "UUID-attribut"
-#: src/config/SSSDConfig.py:206
+#: src/config/SSSDConfig.py:217
#, fuzzy
msgid "Modification time attribute for netgroups"
msgstr "Modifieringstidsattribut"
-#: src/config/SSSDConfig.py:209
+#: src/config/SSSDConfig.py:220
msgid "Policy to evaluate the password expiration"
msgstr "Policy för att utvärdera utgång av lösenord"
-#: src/config/SSSDConfig.py:212
+#: src/config/SSSDConfig.py:223
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig.py:213
+#: src/config/SSSDConfig.py:224
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig.py:214
+#: src/config/SSSDConfig.py:225
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig.py:217
+#: src/config/SSSDConfig.py:228
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig.py:218
+#: src/config/SSSDConfig.py:229
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig.py:221
+#: src/config/SSSDConfig.py:232
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig.py:222
+#: src/config/SSSDConfig.py:233
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig.py:225
+#: src/config/SSSDConfig.py:236
msgid "Default shell, /bin/bash"
msgstr "Standardskal, /bin/bash"
-#: src/config/SSSDConfig.py:226
+#: src/config/SSSDConfig.py:237
msgid "Base for home directories"
msgstr "Bas för hemkataloger"
-#: src/config/SSSDConfig.py:229
+#: src/config/SSSDConfig.py:240
msgid "The name of the NSS library to use"
msgstr "Namnet på NSS-biblioteket att använda"
-#: src/config/SSSDConfig.py:232
+#: src/config/SSSDConfig.py:243
msgid "PAM stack to use"
msgstr "PAM-stack att använda"
-#: src/monitor/monitor.c:2245
+#: src/monitor/monitor.c:2316
msgid "Become a daemon (default)"
msgstr ""
-#: src/monitor/monitor.c:2247
+#: src/monitor/monitor.c:2318
msgid "Run interactive (not a daemon)"
msgstr ""
-#: src/monitor/monitor.c:2249
+#: src/monitor/monitor.c:2320
msgid "Specify a non-default config file"
msgstr ""
#: src/providers/krb5/krb5_child.c:1554 src/providers/ldap/ldap_child.c:360
-#: src/util/util.h:65
+#: src/util/util.h:67
msgid "Debug level"
msgstr ""
#: src/providers/krb5/krb5_child.c:1556 src/providers/ldap/ldap_child.c:362
-#: src/util/util.h:69
+#: src/util/util.h:71
msgid "Add debug timestamps"
msgstr ""
@@ -680,97 +730,97 @@ msgstr ""
msgid "An open file descriptor for the debug logs"
msgstr "Ange pratsamhet för felsökningsloggning"
-#: src/providers/data_provider_be.c:1226
+#: src/providers/data_provider_be.c:1196
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:820
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:825
+#: src/sss_client/common.c:823
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:826
#, fuzzy
msgid "Unexpected format of the server credential message."
msgstr "Plats för användarens kreditiv-cache"
-#: src/sss_client/common.c:831
+#: src/sss_client/common.c:829
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:836
+#: src/sss_client/common.c:834
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:842
+#: src/sss_client/common.c:840
msgid "Unexpected error while looking for an error description"
msgstr ""
-#: src/sss_client/pam_sss.c:378
+#: src/sss_client/pam_sss.c:374
msgid "Passwords do not match"
msgstr "Lösenorden stämmer inte överens"
-#: src/sss_client/pam_sss.c:571
+#: src/sss_client/pam_sss.c:567
msgid "Password reset by root is not supported."
msgstr ""
-#: src/sss_client/pam_sss.c:612
+#: src/sss_client/pam_sss.c:608
msgid "Authenticated with cached credentials"
msgstr ""
-#: src/sss_client/pam_sss.c:613
+#: src/sss_client/pam_sss.c:609
msgid ", your cached password will expire at: "
msgstr ""
-#: src/sss_client/pam_sss.c:643
+#: src/sss_client/pam_sss.c:639
#, c-format
msgid "Your password has expired. You have %d grace login(s) remaining."
msgstr ""
-#: src/sss_client/pam_sss.c:689
+#: src/sss_client/pam_sss.c:685
#, fuzzy, c-format
msgid "Your password will expire in %d %s."
msgstr "Lösenordet har gått ut."
-#: src/sss_client/pam_sss.c:738
+#: src/sss_client/pam_sss.c:734
#, fuzzy
msgid "Authentication is denied until: "
msgstr "Autentiseringstidsgräns"
-#: src/sss_client/pam_sss.c:765
+#: src/sss_client/pam_sss.c:761
msgid "System is offline, password change not possible"
msgstr ""
-#: src/sss_client/pam_sss.c:795 src/sss_client/pam_sss.c:808
+#: src/sss_client/pam_sss.c:791 src/sss_client/pam_sss.c:804
#, fuzzy
msgid "Password change failed. "
msgstr "Leverantör av lösenordsändringar"
-#: src/sss_client/pam_sss.c:798 src/sss_client/pam_sss.c:809
+#: src/sss_client/pam_sss.c:794 src/sss_client/pam_sss.c:805
msgid "Server message: "
msgstr ""
-#: src/sss_client/pam_sss.c:1212
+#: src/sss_client/pam_sss.c:1208
msgid "New Password: "
msgstr "Nytt lösenord: "
-#: src/sss_client/pam_sss.c:1213
+#: src/sss_client/pam_sss.c:1209
msgid "Reenter new Password: "
msgstr "Skriv det nya lösenordet igen: "
-#: src/sss_client/pam_sss.c:1295
+#: src/sss_client/pam_sss.c:1291
msgid "Password: "
msgstr "Lösenord: "
-#: src/sss_client/pam_sss.c:1327
+#: src/sss_client/pam_sss.c:1323
#, fuzzy
msgid "Current Password: "
msgstr "Nytt lösenord: "
-#: src/sss_client/pam_sss.c:1473
+#: src/sss_client/pam_sss.c:1469
msgid "Password expired. Change your password now."
msgstr ""
@@ -1193,7 +1243,7 @@ msgstr "Slut på minne\n"
msgid "%s must be run as root\n"
msgstr "%s måste köras som root\n"
-#: src/util/util.h:67
+#: src/util/util.h:69
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/uk.po b/po/uk.po
index cace977bd..db5b5d3f8 100644
--- a/po/uk.po
+++ b/po/uk.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-04-27 11:41-0400\n"
+"POT-Creation-Date: 2011-08-02 15:55-0400\n"
"PO-Revision-Date: 2011-03-08 15:07+0000\n"
"Last-Translator: sgallagh <sgallagh@redhat.com>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -90,17 +90,36 @@ msgstr "Чи слід показувати відфільтрованих кор
msgid "The value of the password field the NSS provider should return"
msgstr "Значення поля пароля, яке має повертати постачальник даних NSS"
+#: src/config/SSSDConfig.py:61
+msgid "Override homedir value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:62
+msgid "The list of shells users are allowed to log in with"
+msgstr ""
+
#: src/config/SSSDConfig.py:63
+msgid ""
+"The list of shells that will be vetoed, and replaced with the fallback shell"
+msgstr ""
+
+#: src/config/SSSDConfig.py:64
+msgid ""
+"If a shell stored in central directory is allowed but not available, use "
+"this fallback"
+msgstr ""
+
+#: src/config/SSSDConfig.py:67
msgid "How long to allow cached logins between online logins (days)"
msgstr ""
"Тривалість зберігання кешованих реєстраційних даних між входами до системи "
"(у днях)"
-#: src/config/SSSDConfig.py:64
+#: src/config/SSSDConfig.py:68
msgid "How many failed logins attempts are allowed when offline"
msgstr "Макс. дозволена кількість помилкових спроб входу у автономному режимі"
-#: src/config/SSSDConfig.py:65
+#: src/config/SSSDConfig.py:69
msgid ""
"How long (minutes) to deny login after offline_failed_login_attempts has "
"been reached"
@@ -108,560 +127,591 @@ msgstr ""
"Тривалість (у хвилинах) заборони входу після досягнення значення "
"offline_failed_login_attempts"
-#: src/config/SSSDConfig.py:66
+#: src/config/SSSDConfig.py:70
msgid "What kind of messages are displayed to the user during authentication"
msgstr "Тип повідомлень, які буде показано користувачеві під час розпізнавання"
-#: src/config/SSSDConfig.py:67
+#: src/config/SSSDConfig.py:71
msgid "How many seconds to keep identity information cached for PAM requests"
msgstr ""
"Тривалість (у секундах) зберігання даних щодо розпізнавання у кеші для "
"запитів PAM"
-#: src/config/SSSDConfig.py:68
+#: src/config/SSSDConfig.py:72
msgid "How many days before password expiration a warning should be displayed"
msgstr ""
"Визначає кількість днів між днем, коли має бути показано попередження, і "
"днем, коли завершиться строк дії пароля"
-#: src/config/SSSDConfig.py:71
+#: src/config/SSSDConfig.py:75
msgid "Identity provider"
msgstr "Служба профілів"
-#: src/config/SSSDConfig.py:72
+#: src/config/SSSDConfig.py:76
msgid "Authentication provider"
msgstr "Служба розпізнавання"
-#: src/config/SSSDConfig.py:73
+#: src/config/SSSDConfig.py:77
msgid "Access control provider"
msgstr "Служба керування доступом"
-#: src/config/SSSDConfig.py:74
+#: src/config/SSSDConfig.py:78
msgid "Password change provider"
msgstr "Служба зміни паролів"
-#: src/config/SSSDConfig.py:77
+#: src/config/SSSDConfig.py:81
msgid "Minimum user ID"
msgstr "Мін. ідентифікатор користувача"
-#: src/config/SSSDConfig.py:78
+#: src/config/SSSDConfig.py:82
msgid "Maximum user ID"
msgstr "Макс. ідентифікатор користувача"
-#: src/config/SSSDConfig.py:79
+#: src/config/SSSDConfig.py:83
msgid "Enable enumerating all users/groups"
msgstr "Увімкнути нумерацію всіх користувачів/груп"
-#: src/config/SSSDConfig.py:80
+#: src/config/SSSDConfig.py:84
msgid "Cache credentials for offline login"
msgstr "Кешувати реєстраційні дані для автономного входу"
-#: src/config/SSSDConfig.py:81
+#: src/config/SSSDConfig.py:85
msgid "Store password hashes"
msgstr "Зберігати хеші паролів"
-#: src/config/SSSDConfig.py:82
+#: src/config/SSSDConfig.py:86
msgid "Display users/groups in fully-qualified form"
msgstr "Показувати записи користувачів/груп повністю"
-#: src/config/SSSDConfig.py:83
+#: src/config/SSSDConfig.py:87
msgid "Entry cache timeout length (seconds)"
msgstr "Тривалість кешування записів (у секундах)"
-#: src/config/SSSDConfig.py:84
+#: src/config/SSSDConfig.py:88
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
"Обмежити або надавати перевагу певному сімейству адрес під час виконання "
"пошуків DNS"
-#: src/config/SSSDConfig.py:85
+#: src/config/SSSDConfig.py:89
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
"Тривалість зберігання кешованих записів після останнього успішного входу (у "
"днях)"
-#: src/config/SSSDConfig.py:86
+#: src/config/SSSDConfig.py:90
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
"Тривалість очікування на відповідь від DNS під час визначення адрес серверів "
"(у секундах)"
-#: src/config/SSSDConfig.py:87
+#: src/config/SSSDConfig.py:91
msgid "The domain part of service discovery DNS query"
msgstr "Частина запиту щодо виявлення служби DNS, пов’язана з доменом"
-#: src/config/SSSDConfig.py:90
+#: src/config/SSSDConfig.py:92
+msgid "Override GID value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:95
msgid "IPA domain"
msgstr "Домен IPA"
-#: src/config/SSSDConfig.py:91
+#: src/config/SSSDConfig.py:96
msgid "IPA server address"
msgstr "Адреса сервера IPA"
-#: src/config/SSSDConfig.py:92
+#: src/config/SSSDConfig.py:97
msgid "IPA client hostname"
msgstr "Назва вузла клієнта IPA"
-#: src/config/SSSDConfig.py:93
+#: src/config/SSSDConfig.py:98
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
"Визначає, чи слід автоматично оновлювати запис DNS клієнтського вузла у "
"FreeIPA"
-#: src/config/SSSDConfig.py:94
+#: src/config/SSSDConfig.py:99
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
"Інтерфейс, чию адресу IP має бути використано для динамічних оновлень DNS"
-#: src/config/SSSDConfig.py:95
+#: src/config/SSSDConfig.py:100
msgid "Search base for HBAC related objects"
msgstr "Шукати у базі об’єкти, пов’язані з HBAC"
-#: src/config/SSSDConfig.py:98 src/config/SSSDConfig.py:99
+#: src/config/SSSDConfig.py:101
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig.py:102
+msgid "If DENY rules are present, either DENY_ALL or IGNORE"
+msgstr ""
+
+#: src/config/SSSDConfig.py:105 src/config/SSSDConfig.py:106
msgid "Kerberos server address"
msgstr "Адреса сервера Kerberos"
-#: src/config/SSSDConfig.py:100
+#: src/config/SSSDConfig.py:107
msgid "Kerberos realm"
msgstr "Область Kerberos"
-#: src/config/SSSDConfig.py:101
+#: src/config/SSSDConfig.py:108
msgid "Authentication timeout"
msgstr "Час очікування на розпізнавання"
-#: src/config/SSSDConfig.py:104
+#: src/config/SSSDConfig.py:111
msgid "Directory to store credential caches"
msgstr "Каталог, де зберігатиметься кеш реєстраційних даних"
-#: src/config/SSSDConfig.py:105
+#: src/config/SSSDConfig.py:112
msgid "Location of the user's credential cache"
msgstr "Адреса кешу реєстраційних даних користувача"
-#: src/config/SSSDConfig.py:106
+#: src/config/SSSDConfig.py:113
msgid "Location of the keytab to validate credentials"
msgstr "Адреса таблиці ключів для перевірки реєстраційних даних"
-#: src/config/SSSDConfig.py:107
+#: src/config/SSSDConfig.py:114
msgid "Enable credential validation"
msgstr "Увімкнути перевірку реєстраційних даних"
-#: src/config/SSSDConfig.py:108
+#: src/config/SSSDConfig.py:115
msgid "Store password if offline for later online authentication"
msgstr "Зберігати пароль у автономному режимі для розпізнавання у мережі"
-#: src/config/SSSDConfig.py:109
+#: src/config/SSSDConfig.py:116
msgid "Renewable lifetime of the TGT"
msgstr "Поновлюваний строк дії TGT"
-#: src/config/SSSDConfig.py:110
+#: src/config/SSSDConfig.py:117
msgid "Lifetime of the TGT"
msgstr "Строк дії TGT"
-#: src/config/SSSDConfig.py:111
+#: src/config/SSSDConfig.py:118
msgid "Time between two checks for renewal"
msgstr "Граничний час між двома перевірками для поновлення"
-#: src/config/SSSDConfig.py:112
+#: src/config/SSSDConfig.py:119
msgid "Enables FAST"
msgstr "Вмикає FAST"
-#: src/config/SSSDConfig.py:115
+#: src/config/SSSDConfig.py:122
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"Сервер, на якому запущено службу зміни паролів, якщо такий не вдасться "
"виявити у KDC"
-#: src/config/SSSDConfig.py:118
+#: src/config/SSSDConfig.py:125
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, адреса URI сервера LDAP"
-#: src/config/SSSDConfig.py:119
+#: src/config/SSSDConfig.py:126
msgid "The default base DN"
msgstr "Типова базова назва домену"
-#: src/config/SSSDConfig.py:120
+#: src/config/SSSDConfig.py:127
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Тип схеми, використаний на сервері LDAP, rfc2307"
-#: src/config/SSSDConfig.py:121
+#: src/config/SSSDConfig.py:128
msgid "The default bind DN"
msgstr "Типова назва домену прив’язки"
-#: src/config/SSSDConfig.py:122
+#: src/config/SSSDConfig.py:129
msgid "The type of the authentication token of the default bind DN"
msgstr "Тип розпізнавання для типової назви сервера прив’язки"
-#: src/config/SSSDConfig.py:123
+#: src/config/SSSDConfig.py:130
msgid "The authentication token of the default bind DN"
msgstr "Лексема розпізнавання типової назви сервера прив’язки"
-#: src/config/SSSDConfig.py:124
+#: src/config/SSSDConfig.py:131
msgid "Length of time to attempt connection"
msgstr "Проміжок часу між спробами встановлення з’єднання"
-#: src/config/SSSDConfig.py:125
+#: src/config/SSSDConfig.py:132
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Проміжок часу між спробами виконання синхронних операцій LDAP"
-#: src/config/SSSDConfig.py:126
+#: src/config/SSSDConfig.py:133
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
"Проміжок часу між повторними спробами встановлення з’єднання у автономному "
"режимі"
-#: src/config/SSSDConfig.py:127
+#: src/config/SSSDConfig.py:134
msgid "Use only the upper case for realm names"
msgstr "Використовувати для назв областей лише великі літери"
-#: src/config/SSSDConfig.py:128
+#: src/config/SSSDConfig.py:135
msgid "File that contains CA certificates"
msgstr "Файл, що містить сертифікати CA"
-#: src/config/SSSDConfig.py:129
+#: src/config/SSSDConfig.py:136
msgid "Path to CA certificate directory"
msgstr "Шлях до каталогу сертифікатів CA"
-#: src/config/SSSDConfig.py:130
+#: src/config/SSSDConfig.py:137
msgid "File that contains the client certificate"
msgstr "Файл, що містить клієнтський сертифікат"
-#: src/config/SSSDConfig.py:131
+#: src/config/SSSDConfig.py:138
msgid "File that contains the client key"
msgstr "Файл, що містить клієнтський ключ"
-#: src/config/SSSDConfig.py:132
+#: src/config/SSSDConfig.py:139
msgid "List of possible ciphers suites"
msgstr "Показати список можливих інструментів шифрування"
-#: src/config/SSSDConfig.py:133
+#: src/config/SSSDConfig.py:140
msgid "Require TLS certificate verification"
msgstr "Потрібна перевірка сертифіката TLS"
-#: src/config/SSSDConfig.py:134
+#: src/config/SSSDConfig.py:141
msgid "Specify the sasl mechanism to use"
msgstr "Вкажіть механізм SASL, який слід використовувати"
-#: src/config/SSSDConfig.py:135
+#: src/config/SSSDConfig.py:142
msgid "Specify the sasl authorization id to use"
msgstr "Вкажіть ідентифікатор уповноваження SASL, який слід використовувати"
-#: src/config/SSSDConfig.py:136
+#: src/config/SSSDConfig.py:143
#, fuzzy
msgid "Specify the sasl authorization realm to use"
msgstr "Вкажіть ідентифікатор уповноваження SASL, який слід використовувати"
-#: src/config/SSSDConfig.py:137
+#: src/config/SSSDConfig.py:144
msgid "Kerberos service keytab"
msgstr "Таблиця ключів служби Kerberos"
-#: src/config/SSSDConfig.py:138
+#: src/config/SSSDConfig.py:145
msgid "Use Kerberos auth for LDAP connection"
msgstr "Розпізнавання Kerberos для з’єднання LDAP"
-#: src/config/SSSDConfig.py:139
+#: src/config/SSSDConfig.py:146
msgid "Follow LDAP referrals"
msgstr "Переходити за посиланнями LDAP"
-#: src/config/SSSDConfig.py:140
+#: src/config/SSSDConfig.py:147
msgid "Lifetime of TGT for LDAP connection"
msgstr "Строк дії TGT для з’єднання LDAP"
-#: src/config/SSSDConfig.py:141
+#: src/config/SSSDConfig.py:148
msgid "How to dereference aliases"
msgstr "Спосіб розіменування псевдонімів"
-#: src/config/SSSDConfig.py:142
+#: src/config/SSSDConfig.py:149
msgid "Service name for DNS service lookups"
msgstr "Назва служби для пошуків за допомогою служби DNS"
-#: src/config/SSSDConfig.py:143
+#: src/config/SSSDConfig.py:150
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig.py:145
+#: src/config/SSSDConfig.py:151
+msgid "The number of members that must be missing to trigger a full deref"
+msgstr ""
+
+#: src/config/SSSDConfig.py:153
msgid "entryUSN attribute"
msgstr "Атрибут entryUSN"
-#: src/config/SSSDConfig.py:146
+#: src/config/SSSDConfig.py:154
msgid "lastUSN attribute"
msgstr "Атрибут lastUSN"
-#: src/config/SSSDConfig.py:149
+#: src/config/SSSDConfig.py:157
msgid "Length of time to wait for a search request"
msgstr "Тривалість очікування на дані запиту пошуку"
-#: src/config/SSSDConfig.py:150
+#: src/config/SSSDConfig.py:158
msgid "Length of time to wait for a enumeration request"
msgstr "Тривалість очікування на дані запиту щодо переліку"
-#: src/config/SSSDConfig.py:151
+#: src/config/SSSDConfig.py:159
msgid "Length of time between enumeration updates"
msgstr "Проміжок часу між оновленнями нумерації"
-#: src/config/SSSDConfig.py:152
+#: src/config/SSSDConfig.py:160
msgid "Length of time between cache cleanups"
msgstr "Проміжок часу між спорожненнями кешу"
-#: src/config/SSSDConfig.py:153
+#: src/config/SSSDConfig.py:161
msgid "Require TLS for ID lookups"
msgstr "Вимагати TLS для пошуків ідентифікаторів"
-#: src/config/SSSDConfig.py:154
+#: src/config/SSSDConfig.py:162
msgid "Base DN for user lookups"
msgstr "Базова назва домену для пошуків користувачів"
-#: src/config/SSSDConfig.py:155
+#: src/config/SSSDConfig.py:163
msgid "Scope of user lookups"
msgstr "Діапазон пошуків користувачів"
-#: src/config/SSSDConfig.py:156
+#: src/config/SSSDConfig.py:164
msgid "Filter for user lookups"
msgstr "Фільтр пошуку користувачів"
-#: src/config/SSSDConfig.py:157
+#: src/config/SSSDConfig.py:165
msgid "Objectclass for users"
msgstr "Клас об’єктів для користувачів"
-#: src/config/SSSDConfig.py:158
+#: src/config/SSSDConfig.py:166
msgid "Username attribute"
msgstr "Атрибут імені користувача"
-#: src/config/SSSDConfig.py:160
+#: src/config/SSSDConfig.py:168
msgid "UID attribute"
msgstr "Атрибут UID"
-#: src/config/SSSDConfig.py:161
+#: src/config/SSSDConfig.py:169
msgid "Primary GID attribute"
msgstr "Головний атрибут GID"
-#: src/config/SSSDConfig.py:162
+#: src/config/SSSDConfig.py:170
msgid "GECOS attribute"
msgstr "Атрибут GECOS"
-#: src/config/SSSDConfig.py:163
+#: src/config/SSSDConfig.py:171
msgid "Home directory attribute"
msgstr "Атрибут домашнього каталогу"
-#: src/config/SSSDConfig.py:164
+#: src/config/SSSDConfig.py:172
msgid "Shell attribute"
msgstr "Атрибут оболонки"
-#: src/config/SSSDConfig.py:165
+#: src/config/SSSDConfig.py:173
msgid "UUID attribute"
msgstr "Атрибут UUID"
-#: src/config/SSSDConfig.py:166
+#: src/config/SSSDConfig.py:174
msgid "User principal attribute (for Kerberos)"
msgstr "Атрибут реєстраційного запису користувача (для Kerberos)"
-#: src/config/SSSDConfig.py:167
+#: src/config/SSSDConfig.py:175
msgid "Full Name"
msgstr "Повне ім'я"
-#: src/config/SSSDConfig.py:168
+#: src/config/SSSDConfig.py:176
msgid "memberOf attribute"
msgstr "Атрибут memberOf"
-#: src/config/SSSDConfig.py:169
+#: src/config/SSSDConfig.py:177
msgid "Modification time attribute"
msgstr "Атрибут часу зміни"
-#: src/config/SSSDConfig.py:171
+#: src/config/SSSDConfig.py:179
msgid "shadowLastChange attribute"
msgstr "Атрибут shadowLastChange"
-#: src/config/SSSDConfig.py:172
+#: src/config/SSSDConfig.py:180
msgid "shadowMin attribute"
msgstr "Атрибут shadowMin"
-#: src/config/SSSDConfig.py:173
+#: src/config/SSSDConfig.py:181
msgid "shadowMax attribute"
msgstr "Атрибут shadowMax"
-#: src/config/SSSDConfig.py:174
+#: src/config/SSSDConfig.py:182
msgid "shadowWarning attribute"
msgstr "Атрибут shadowWarning"
-#: src/config/SSSDConfig.py:175
+#: src/config/SSSDConfig.py:183
msgid "shadowInactive attribute"
msgstr "Атрибут shadowInactive"
-#: src/config/SSSDConfig.py:176
+#: src/config/SSSDConfig.py:184
msgid "shadowExpire attribute"
msgstr "Атрибут shadowExpire"
-#: src/config/SSSDConfig.py:177
+#: src/config/SSSDConfig.py:185
msgid "shadowFlag attribute"
msgstr "Атрибут shadowFlag"
-#: src/config/SSSDConfig.py:178
+#: src/config/SSSDConfig.py:186
msgid "Attribute listing authorized PAM services"
msgstr "Атрибути зі списком уповноважених служб PAM"
-#: src/config/SSSDConfig.py:179
+#: src/config/SSSDConfig.py:187
#, fuzzy
msgid "Attribute listing authorized server hosts"
msgstr "Атрибути зі списком уповноважених служб PAM"
-#: src/config/SSSDConfig.py:180
+#: src/config/SSSDConfig.py:188
msgid "krbLastPwdChange attribute"
msgstr "Атрибут krbLastPwdChange"
-#: src/config/SSSDConfig.py:181
+#: src/config/SSSDConfig.py:189
msgid "krbPasswordExpiration attribute"
msgstr "Атрибут krbPasswordExpiration"
-#: src/config/SSSDConfig.py:182
+#: src/config/SSSDConfig.py:190
msgid "Attribute indicating that server side password policies are active"
msgstr ""
"Атрибут, що відповідає за активізацію правил обробки паролів на боці сервера"
-#: src/config/SSSDConfig.py:183
+#: src/config/SSSDConfig.py:191
msgid "accountExpires attribute of AD"
msgstr "Атрибут accountExpires AD"
-#: src/config/SSSDConfig.py:184
+#: src/config/SSSDConfig.py:192
msgid "userAccountControl attribute of AD"
msgstr "Атрибут userAccountControl AD"
-#: src/config/SSSDConfig.py:185
+#: src/config/SSSDConfig.py:193
msgid "nsAccountLock attribute"
msgstr "Атрибут nsAccountLock"
-#: src/config/SSSDConfig.py:187
+#: src/config/SSSDConfig.py:194
+#, fuzzy
+msgid "loginDisabled attribute of NDS"
+msgstr "Атрибут accountExpires AD"
+
+#: src/config/SSSDConfig.py:195
+#, fuzzy
+msgid "loginExpirationTime attribute of NDS"
+msgstr "Атрибут accountExpires AD"
+
+#: src/config/SSSDConfig.py:196
+msgid "loginAllowedTimeMap attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig.py:198
msgid "Base DN for group lookups"
msgstr "Базова назва домену для пошуків груп"
-#: src/config/SSSDConfig.py:190
+#: src/config/SSSDConfig.py:201
msgid "Objectclass for groups"
msgstr "Клас об’єктів для груп"
-#: src/config/SSSDConfig.py:191
+#: src/config/SSSDConfig.py:202
msgid "Group name"
msgstr "Назва групи"
-#: src/config/SSSDConfig.py:192
+#: src/config/SSSDConfig.py:203
msgid "Group password"
msgstr "Пароль групи"
-#: src/config/SSSDConfig.py:193
+#: src/config/SSSDConfig.py:204
msgid "GID attribute"
msgstr "Атрибут GID"
-#: src/config/SSSDConfig.py:194
+#: src/config/SSSDConfig.py:205
msgid "Group member attribute"
msgstr "Атрибут членства у групі"
-#: src/config/SSSDConfig.py:195
+#: src/config/SSSDConfig.py:206
msgid "Group UUID attribute"
msgstr "Атрибут UUID групи"
-#: src/config/SSSDConfig.py:196
+#: src/config/SSSDConfig.py:207
msgid "Modification time attribute for groups"
msgstr "Атрибут часу зміни для груп"
-#: src/config/SSSDConfig.py:198
+#: src/config/SSSDConfig.py:209
msgid "Maximum nesting level SSSd will follow"
msgstr "Максимальний рівень вкладеності, який використовуватиме SSSD"
-#: src/config/SSSDConfig.py:200
+#: src/config/SSSDConfig.py:211
msgid "Base DN for netgroup lookups"
msgstr "Базова назва домену для пошуків груп у мережі"
-#: src/config/SSSDConfig.py:201
+#: src/config/SSSDConfig.py:212
msgid "Objectclass for netgroups"
msgstr "Клас об’єктів для груп у мережі"
-#: src/config/SSSDConfig.py:202
+#: src/config/SSSDConfig.py:213
msgid "Netgroup name"
msgstr "Назва мережевої групи"
-#: src/config/SSSDConfig.py:203
+#: src/config/SSSDConfig.py:214
msgid "Netgroups members attribute"
msgstr "Атрибут членства у групах у мережі"
-#: src/config/SSSDConfig.py:204
+#: src/config/SSSDConfig.py:215
msgid "Netgroup triple attribute"
msgstr "Атрибут трійки груп у мережі"
-#: src/config/SSSDConfig.py:205
+#: src/config/SSSDConfig.py:216
msgid "Netgroup UUID attribute"
msgstr "Атрибут UUID груп у мережі"
-#: src/config/SSSDConfig.py:206
+#: src/config/SSSDConfig.py:217
msgid "Modification time attribute for netgroups"
msgstr "Атрибут часу зміни для мережевих груп"
-#: src/config/SSSDConfig.py:209
+#: src/config/SSSDConfig.py:220
msgid "Policy to evaluate the password expiration"
msgstr "Правила оцінки завершення строку дії пароля"
-#: src/config/SSSDConfig.py:212
+#: src/config/SSSDConfig.py:223
msgid "LDAP filter to determine access privileges"
msgstr "Фільтр LDAP для визначення прав доступу"
-#: src/config/SSSDConfig.py:213
+#: src/config/SSSDConfig.py:224
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
"Атрибути які слід використовувати для визначення чинності облікового запису"
-#: src/config/SSSDConfig.py:214
+#: src/config/SSSDConfig.py:225
msgid "Which rules should be used to evaluate access control"
msgstr ""
"Правила, які має бути використано для визначення достатності прав доступу"
-#: src/config/SSSDConfig.py:217
+#: src/config/SSSDConfig.py:228
msgid "URI of an LDAP server where password changes are allowed"
msgstr "Адреса на сервері LDAP, для якої можливі зміни паролів"
-#: src/config/SSSDConfig.py:218
+#: src/config/SSSDConfig.py:229
msgid "DNS service name for LDAP password change server"
msgstr "Назва у службі DNS сервера зміни паролів LDAP"
-#: src/config/SSSDConfig.py:221
+#: src/config/SSSDConfig.py:232
msgid "Comma separated list of allowed users"
msgstr "Відокремлений комами список дозволених користувачів"
-#: src/config/SSSDConfig.py:222
+#: src/config/SSSDConfig.py:233
msgid "Comma separated list of prohibited users"
msgstr "Відокремлений комами список заборонених користувачів"
-#: src/config/SSSDConfig.py:225
+#: src/config/SSSDConfig.py:236
msgid "Default shell, /bin/bash"
msgstr "Типова оболонка, /bin/bash"
-#: src/config/SSSDConfig.py:226
+#: src/config/SSSDConfig.py:237
msgid "Base for home directories"
msgstr "Базова адреса домашніх каталогів"
-#: src/config/SSSDConfig.py:229
+#: src/config/SSSDConfig.py:240
msgid "The name of the NSS library to use"
msgstr "Назва бібліотеки NSS, яку слід використовувати"
-#: src/config/SSSDConfig.py:232
+#: src/config/SSSDConfig.py:243
msgid "PAM stack to use"
msgstr "Стек PAM, який слід використовувати"
-#: src/monitor/monitor.c:2245
+#: src/monitor/monitor.c:2316
msgid "Become a daemon (default)"
msgstr "Запуститися фонову службу (типова поведінка)"
-#: src/monitor/monitor.c:2247
+#: src/monitor/monitor.c:2318
msgid "Run interactive (not a daemon)"
msgstr "Запустити у інтерактивному режимі (без фонової служби)"
-#: src/monitor/monitor.c:2249
+#: src/monitor/monitor.c:2320
msgid "Specify a non-default config file"
msgstr "Вказати нетиповий файл налаштувань"
#: src/providers/krb5/krb5_child.c:1554 src/providers/ldap/ldap_child.c:360
-#: src/util/util.h:65
+#: src/util/util.h:67
msgid "Debug level"
msgstr "Рівень зневаджування"
#: src/providers/krb5/krb5_child.c:1556 src/providers/ldap/ldap_child.c:362
-#: src/util/util.h:69
+#: src/util/util.h:71
msgid "Add debug timestamps"
msgstr "Додавати діагностичні часові позначки"
@@ -669,93 +719,93 @@ msgstr "Додавати діагностичні часові позначки"
msgid "An open file descriptor for the debug logs"
msgstr "Дескриптор відкритого файла для запису журналів діагностики"
-#: src/providers/data_provider_be.c:1226
+#: src/providers/data_provider_be.c:1196
msgid "Domain of the information provider (mandatory)"
msgstr "Домен надання відомостей (обов’язковий)"
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:820
msgid "Privileged socket has wrong ownership or permissions."
msgstr "У привілейованого сокета помилковий власник або права доступу."
-#: src/sss_client/common.c:825
+#: src/sss_client/common.c:823
msgid "Public socket has wrong ownership or permissions."
msgstr "У відкритого сокета помилковий власник або права доступу."
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:826
msgid "Unexpected format of the server credential message."
msgstr "Некоректний формат повідомлення щодо реєстраційних даних сервера."
-#: src/sss_client/common.c:831
+#: src/sss_client/common.c:829
msgid "SSSD is not run by root."
msgstr "SSSD запущено не від імені користувача root."
-#: src/sss_client/common.c:836
+#: src/sss_client/common.c:834
msgid "An error occurred, but no description can be found."
msgstr "Сталася помилка, але не вдалося знайти її опису."
-#: src/sss_client/common.c:842
+#: src/sss_client/common.c:840
msgid "Unexpected error while looking for an error description"
msgstr "Неочікувана помилка під час пошуку опису помилки"
-#: src/sss_client/pam_sss.c:378
+#: src/sss_client/pam_sss.c:374
msgid "Passwords do not match"
msgstr "Паролі не збігаються"
-#: src/sss_client/pam_sss.c:571
+#: src/sss_client/pam_sss.c:567
msgid "Password reset by root is not supported."
msgstr "Підтримки скидання пароля користувачем root не передбачено."
-#: src/sss_client/pam_sss.c:612
+#: src/sss_client/pam_sss.c:608
msgid "Authenticated with cached credentials"
msgstr "Розпізнано за реєстраційними даними з кешу"
-#: src/sss_client/pam_sss.c:613
+#: src/sss_client/pam_sss.c:609
msgid ", your cached password will expire at: "
msgstr ", строк дії вашого кешованого пароля завершиться: "
-#: src/sss_client/pam_sss.c:643
+#: src/sss_client/pam_sss.c:639
#, c-format
msgid "Your password has expired. You have %d grace login(s) remaining."
msgstr "Строк дії вашого пароля вичерпано. Залишилося %d резервних входи."
-#: src/sss_client/pam_sss.c:689
+#: src/sss_client/pam_sss.c:685
#, c-format
msgid "Your password will expire in %d %s."
msgstr "Строк дії вашого пароля завершиться за %d %s."
-#: src/sss_client/pam_sss.c:738
+#: src/sss_client/pam_sss.c:734
msgid "Authentication is denied until: "
msgstr "Розпізнавання заборонено до: "
-#: src/sss_client/pam_sss.c:765
+#: src/sss_client/pam_sss.c:761
msgid "System is offline, password change not possible"
msgstr "Система працює у автономному режимі, зміна пароля неможлива"
-#: src/sss_client/pam_sss.c:795 src/sss_client/pam_sss.c:808
+#: src/sss_client/pam_sss.c:791 src/sss_client/pam_sss.c:804
msgid "Password change failed. "
msgstr "Спроба зміни пароля зазнала невдачі. "
-#: src/sss_client/pam_sss.c:798 src/sss_client/pam_sss.c:809
+#: src/sss_client/pam_sss.c:794 src/sss_client/pam_sss.c:805
msgid "Server message: "
msgstr "Повідомлення сервера: "
-#: src/sss_client/pam_sss.c:1212
+#: src/sss_client/pam_sss.c:1208
msgid "New Password: "
msgstr "Новий пароль: "
-#: src/sss_client/pam_sss.c:1213
+#: src/sss_client/pam_sss.c:1209
msgid "Reenter new Password: "
msgstr "Ще раз введіть новий пароль: "
-#: src/sss_client/pam_sss.c:1295
+#: src/sss_client/pam_sss.c:1291
msgid "Password: "
msgstr "Пароль: "
-#: src/sss_client/pam_sss.c:1327
+#: src/sss_client/pam_sss.c:1323
msgid "Current Password: "
msgstr "Поточний пароль: "
-#: src/sss_client/pam_sss.c:1473
+#: src/sss_client/pam_sss.c:1469
msgid "Password expired. Change your password now."
msgstr "Строк дії пароля вичерпано. Змініть ваш пароль."
@@ -1187,6 +1237,6 @@ msgstr "Не вистачає пам'яті\n"
msgid "%s must be run as root\n"
msgstr "%s слід виконувати від імені користувача root\n"
-#: src/util/util.h:67
+#: src/util/util.h:69
msgid "Send the debug output to files instead of stderr"
msgstr "Надіслати діагностичні дані до файлів, а не до stderr"
diff --git a/po/zh_TW.po b/po/zh_TW.po
index 4ecc89a11..4c1b23dad 100644
--- a/po/zh_TW.po
+++ b/po/zh_TW.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sss_daemon 1.1.0\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-04-27 11:41-0400\n"
+"POT-Creation-Date: 2011-08-02 15:55-0400\n"
"PO-Revision-Date: 2010-03-22 22:00+0800\n"
"Last-Translator: Cheng-Chia Tseng <pswo10680@gmail.com>\n"
"Language-Team: Fedora-trans-zh_tw <trans-zh_tw@lists.fedoraproject.org>\n"
@@ -98,589 +98,639 @@ msgstr "過濾的使用者是否應該顯現在群組內"
msgid "The value of the password field the NSS provider should return"
msgstr "NSS 提供者應該回傳的密碼的值"
+#: src/config/SSSDConfig.py:61
+msgid "Override homedir value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:62
+msgid "The list of shells users are allowed to log in with"
+msgstr ""
+
#: src/config/SSSDConfig.py:63
-msgid "How long to allow cached logins between online logins (days)"
+msgid ""
+"The list of shells that will be vetoed, and replaced with the fallback shell"
msgstr ""
#: src/config/SSSDConfig.py:64
+msgid ""
+"If a shell stored in central directory is allowed but not available, use "
+"this fallback"
+msgstr ""
+
+#: src/config/SSSDConfig.py:67
+msgid "How long to allow cached logins between online logins (days)"
+msgstr ""
+
+#: src/config/SSSDConfig.py:68
#, fuzzy
msgid "How many failed logins attempts are allowed when offline"
msgstr "當離線時所許可的試圖登入失敗次數"
-#: src/config/SSSDConfig.py:65
+#: src/config/SSSDConfig.py:69
msgid ""
"How long (minutes) to deny login after offline_failed_login_attempts has "
"been reached"
msgstr ""
-#: src/config/SSSDConfig.py:66
+#: src/config/SSSDConfig.py:70
msgid "What kind of messages are displayed to the user during authentication"
msgstr ""
-#: src/config/SSSDConfig.py:67
+#: src/config/SSSDConfig.py:71
msgid "How many seconds to keep identity information cached for PAM requests"
msgstr ""
-#: src/config/SSSDConfig.py:68
+#: src/config/SSSDConfig.py:72
msgid "How many days before password expiration a warning should be displayed"
msgstr ""
-#: src/config/SSSDConfig.py:71
+#: src/config/SSSDConfig.py:75
msgid "Identity provider"
msgstr "身分提供者"
-#: src/config/SSSDConfig.py:72
+#: src/config/SSSDConfig.py:76
msgid "Authentication provider"
msgstr "認證提供者"
-#: src/config/SSSDConfig.py:73
+#: src/config/SSSDConfig.py:77
msgid "Access control provider"
msgstr "存取控制提供者"
-#: src/config/SSSDConfig.py:74
+#: src/config/SSSDConfig.py:78
msgid "Password change provider"
msgstr "密碼變更提供者"
-#: src/config/SSSDConfig.py:77
+#: src/config/SSSDConfig.py:81
msgid "Minimum user ID"
msgstr "最小的使用者 ID"
-#: src/config/SSSDConfig.py:78
+#: src/config/SSSDConfig.py:82
msgid "Maximum user ID"
msgstr "最大的使用者 ID"
-#: src/config/SSSDConfig.py:79
+#: src/config/SSSDConfig.py:83
msgid "Enable enumerating all users/groups"
msgstr "啟用所有使用者或群組的列舉"
-#: src/config/SSSDConfig.py:80
+#: src/config/SSSDConfig.py:84
msgid "Cache credentials for offline login"
msgstr "供離線登入使用的快取憑證"
-#: src/config/SSSDConfig.py:81
+#: src/config/SSSDConfig.py:85
#, fuzzy
msgid "Store password hashes"
msgstr "儲存密碼雜湊"
-#: src/config/SSSDConfig.py:82
+#: src/config/SSSDConfig.py:86
msgid "Display users/groups in fully-qualified form"
msgstr ""
-#: src/config/SSSDConfig.py:83
+#: src/config/SSSDConfig.py:87
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig.py:84
+#: src/config/SSSDConfig.py:88
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig.py:85
+#: src/config/SSSDConfig.py:89
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig.py:86
+#: src/config/SSSDConfig.py:90
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig.py:87
+#: src/config/SSSDConfig.py:91
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig.py:90
+#: src/config/SSSDConfig.py:92
+msgid "Override GID value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig.py:95
msgid "IPA domain"
msgstr "IPA 網域"
-#: src/config/SSSDConfig.py:91
+#: src/config/SSSDConfig.py:96
msgid "IPA server address"
msgstr "IPA 伺服器位址"
-#: src/config/SSSDConfig.py:92
+#: src/config/SSSDConfig.py:97
msgid "IPA client hostname"
msgstr "IPA 客戶端主機名稱"
-#: src/config/SSSDConfig.py:93
+#: src/config/SSSDConfig.py:98
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig.py:94
+#: src/config/SSSDConfig.py:99
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig.py:95
+#: src/config/SSSDConfig.py:100
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig.py:98 src/config/SSSDConfig.py:99
+#: src/config/SSSDConfig.py:101
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig.py:102
+msgid "If DENY rules are present, either DENY_ALL or IGNORE"
+msgstr ""
+
+#: src/config/SSSDConfig.py:105 src/config/SSSDConfig.py:106
msgid "Kerberos server address"
msgstr "Kerberos 伺服器位址"
-#: src/config/SSSDConfig.py:100
+#: src/config/SSSDConfig.py:107
msgid "Kerberos realm"
msgstr ""
-#: src/config/SSSDConfig.py:101
+#: src/config/SSSDConfig.py:108
msgid "Authentication timeout"
msgstr "認證逾時"
-#: src/config/SSSDConfig.py:104
+#: src/config/SSSDConfig.py:111
msgid "Directory to store credential caches"
msgstr "儲存憑證快取的目錄"
-#: src/config/SSSDConfig.py:105
+#: src/config/SSSDConfig.py:112
msgid "Location of the user's credential cache"
msgstr "使用者憑證快取的位置"
-#: src/config/SSSDConfig.py:106
+#: src/config/SSSDConfig.py:113
msgid "Location of the keytab to validate credentials"
msgstr "驗證憑證用的金鑰表格位置"
-#: src/config/SSSDConfig.py:107
+#: src/config/SSSDConfig.py:114
msgid "Enable credential validation"
msgstr "啟用憑證驗證"
-#: src/config/SSSDConfig.py:108
+#: src/config/SSSDConfig.py:115
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig.py:109
+#: src/config/SSSDConfig.py:116
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig.py:110
+#: src/config/SSSDConfig.py:117
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig.py:111
+#: src/config/SSSDConfig.py:118
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig.py:112
+#: src/config/SSSDConfig.py:119
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig.py:115
+#: src/config/SSSDConfig.py:122
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig.py:118
+#: src/config/SSSDConfig.py:125
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig.py:119
+#: src/config/SSSDConfig.py:126
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig.py:120
+#: src/config/SSSDConfig.py:127
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig.py:121
+#: src/config/SSSDConfig.py:128
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig.py:122
+#: src/config/SSSDConfig.py:129
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig.py:123
+#: src/config/SSSDConfig.py:130
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig.py:124
+#: src/config/SSSDConfig.py:131
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig.py:125
+#: src/config/SSSDConfig.py:132
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig.py:126
+#: src/config/SSSDConfig.py:133
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig.py:127
+#: src/config/SSSDConfig.py:134
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig.py:128
+#: src/config/SSSDConfig.py:135
#, fuzzy
msgid "File that contains CA certificates"
msgstr "含有 CA 憑證的檔案"
-#: src/config/SSSDConfig.py:129
+#: src/config/SSSDConfig.py:136
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig.py:130
+#: src/config/SSSDConfig.py:137
#, fuzzy
msgid "File that contains the client certificate"
msgstr "含有 CA 憑證的檔案"
-#: src/config/SSSDConfig.py:131
+#: src/config/SSSDConfig.py:138
#, fuzzy
msgid "File that contains the client key"
msgstr "含有 CA 憑證的檔案"
-#: src/config/SSSDConfig.py:132
+#: src/config/SSSDConfig.py:139
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig.py:133
+#: src/config/SSSDConfig.py:140
msgid "Require TLS certificate verification"
msgstr "需要 TLS 憑證驗證"
-#: src/config/SSSDConfig.py:134
+#: src/config/SSSDConfig.py:141
msgid "Specify the sasl mechanism to use"
msgstr "指定要使用的 sasl 機制"
-#: src/config/SSSDConfig.py:135
+#: src/config/SSSDConfig.py:142
msgid "Specify the sasl authorization id to use"
msgstr "指定要使用的 sasl 認證 id"
-#: src/config/SSSDConfig.py:136
+#: src/config/SSSDConfig.py:143
#, fuzzy
msgid "Specify the sasl authorization realm to use"
msgstr "指定要使用的 sasl 認證 id"
-#: src/config/SSSDConfig.py:137
+#: src/config/SSSDConfig.py:144
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig.py:138
+#: src/config/SSSDConfig.py:145
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig.py:139
+#: src/config/SSSDConfig.py:146
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig.py:140
+#: src/config/SSSDConfig.py:147
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig.py:141
+#: src/config/SSSDConfig.py:148
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig.py:142
+#: src/config/SSSDConfig.py:149
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig.py:143
+#: src/config/SSSDConfig.py:150
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig.py:145
+#: src/config/SSSDConfig.py:151
+msgid "The number of members that must be missing to trigger a full deref"
+msgstr ""
+
+#: src/config/SSSDConfig.py:153
#, fuzzy
msgid "entryUSN attribute"
msgstr "UID 屬性"
-#: src/config/SSSDConfig.py:146
+#: src/config/SSSDConfig.py:154
#, fuzzy
msgid "lastUSN attribute"
msgstr "UID 屬性"
-#: src/config/SSSDConfig.py:149
+#: src/config/SSSDConfig.py:157
msgid "Length of time to wait for a search request"
msgstr "搜尋請求的等候時間長度"
-#: src/config/SSSDConfig.py:150
+#: src/config/SSSDConfig.py:158
#, fuzzy
msgid "Length of time to wait for a enumeration request"
msgstr "搜尋請求的等候時間長度"
-#: src/config/SSSDConfig.py:151
+#: src/config/SSSDConfig.py:159
#, fuzzy
msgid "Length of time between enumeration updates"
msgstr "在列舉更新之間的長度"
-#: src/config/SSSDConfig.py:152
+#: src/config/SSSDConfig.py:160
#, fuzzy
msgid "Length of time between cache cleanups"
msgstr "在列舉更新之間的長度"
-#: src/config/SSSDConfig.py:153
+#: src/config/SSSDConfig.py:161
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig.py:154
+#: src/config/SSSDConfig.py:162
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig.py:155
+#: src/config/SSSDConfig.py:163
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig.py:156
+#: src/config/SSSDConfig.py:164
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig.py:157
+#: src/config/SSSDConfig.py:165
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig.py:158
+#: src/config/SSSDConfig.py:166
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig.py:160
+#: src/config/SSSDConfig.py:168
#, fuzzy
msgid "UID attribute"
msgstr "UID 屬性"
-#: src/config/SSSDConfig.py:161
+#: src/config/SSSDConfig.py:169
#, fuzzy
msgid "Primary GID attribute"
msgstr "主要 GID 屬性"
-#: src/config/SSSDConfig.py:162
+#: src/config/SSSDConfig.py:170
#, fuzzy
msgid "GECOS attribute"
msgstr "GEOS 屬性"
-#: src/config/SSSDConfig.py:163
+#: src/config/SSSDConfig.py:171
#, fuzzy
msgid "Home directory attribute"
msgstr "家目錄屬性"
-#: src/config/SSSDConfig.py:164
+#: src/config/SSSDConfig.py:172
#, fuzzy
msgid "Shell attribute"
msgstr "Shell 屬性"
-#: src/config/SSSDConfig.py:165
+#: src/config/SSSDConfig.py:173
#, fuzzy
msgid "UUID attribute"
msgstr "UUID 屬性"
-#: src/config/SSSDConfig.py:166
+#: src/config/SSSDConfig.py:174
#, fuzzy
msgid "User principal attribute (for Kerberos)"
msgstr "使用者原則屬性(供 Kerberos 使用)"
-#: src/config/SSSDConfig.py:167
+#: src/config/SSSDConfig.py:175
msgid "Full Name"
msgstr "全名"
-#: src/config/SSSDConfig.py:168
+#: src/config/SSSDConfig.py:176
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig.py:169
+#: src/config/SSSDConfig.py:177
#, fuzzy
msgid "Modification time attribute"
msgstr "修改時間屬性"
-#: src/config/SSSDConfig.py:171
+#: src/config/SSSDConfig.py:179
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig.py:172
+#: src/config/SSSDConfig.py:180
#, fuzzy
msgid "shadowMin attribute"
msgstr "Shell 屬性"
-#: src/config/SSSDConfig.py:173
+#: src/config/SSSDConfig.py:181
#, fuzzy
msgid "shadowMax attribute"
msgstr "Shell 屬性"
-#: src/config/SSSDConfig.py:174
+#: src/config/SSSDConfig.py:182
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig.py:175
+#: src/config/SSSDConfig.py:183
#, fuzzy
msgid "shadowInactive attribute"
msgstr "修改時間屬性"
-#: src/config/SSSDConfig.py:176
+#: src/config/SSSDConfig.py:184
#, fuzzy
msgid "shadowExpire attribute"
msgstr "Shell 屬性"
-#: src/config/SSSDConfig.py:177
+#: src/config/SSSDConfig.py:185
#, fuzzy
msgid "shadowFlag attribute"
msgstr "Shell 屬性"
-#: src/config/SSSDConfig.py:178
+#: src/config/SSSDConfig.py:186
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig.py:179
+#: src/config/SSSDConfig.py:187
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig.py:180
+#: src/config/SSSDConfig.py:188
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig.py:181
+#: src/config/SSSDConfig.py:189
#, fuzzy
msgid "krbPasswordExpiration attribute"
msgstr "修改時間屬性"
-#: src/config/SSSDConfig.py:182
+#: src/config/SSSDConfig.py:190
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig.py:183
+#: src/config/SSSDConfig.py:191
#, fuzzy
msgid "accountExpires attribute of AD"
msgstr "Shell 屬性"
-#: src/config/SSSDConfig.py:184
+#: src/config/SSSDConfig.py:192
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig.py:185
+#: src/config/SSSDConfig.py:193
#, fuzzy
msgid "nsAccountLock attribute"
msgstr "Shell 屬性"
-#: src/config/SSSDConfig.py:187
+#: src/config/SSSDConfig.py:194
+#, fuzzy
+msgid "loginDisabled attribute of NDS"
+msgstr "Shell 屬性"
+
+#: src/config/SSSDConfig.py:195
+#, fuzzy
+msgid "loginExpirationTime attribute of NDS"
+msgstr "Shell 屬性"
+
+#: src/config/SSSDConfig.py:196
+msgid "loginAllowedTimeMap attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig.py:198
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig.py:190
+#: src/config/SSSDConfig.py:201
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig.py:191
+#: src/config/SSSDConfig.py:202
#, fuzzy
msgid "Group name"
msgstr "群組"
-#: src/config/SSSDConfig.py:192
+#: src/config/SSSDConfig.py:203
#, fuzzy
msgid "Group password"
msgstr "群組"
-#: src/config/SSSDConfig.py:193
+#: src/config/SSSDConfig.py:204
#, fuzzy
msgid "GID attribute"
msgstr "UID 屬性"
-#: src/config/SSSDConfig.py:194
+#: src/config/SSSDConfig.py:205
#, fuzzy
msgid "Group member attribute"
msgstr "家目錄屬性"
-#: src/config/SSSDConfig.py:195
+#: src/config/SSSDConfig.py:206
#, fuzzy
msgid "Group UUID attribute"
msgstr "UUID 屬性"
-#: src/config/SSSDConfig.py:196
+#: src/config/SSSDConfig.py:207
#, fuzzy
msgid "Modification time attribute for groups"
msgstr "修改時間屬性"
-#: src/config/SSSDConfig.py:198
+#: src/config/SSSDConfig.py:209
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig.py:200
+#: src/config/SSSDConfig.py:211
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig.py:201
+#: src/config/SSSDConfig.py:212
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig.py:202
+#: src/config/SSSDConfig.py:213
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig.py:203
+#: src/config/SSSDConfig.py:214
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig.py:204
+#: src/config/SSSDConfig.py:215
#, fuzzy
msgid "Netgroup triple attribute"
msgstr "修改時間屬性"
-#: src/config/SSSDConfig.py:205
+#: src/config/SSSDConfig.py:216
#, fuzzy
msgid "Netgroup UUID attribute"
msgstr "UUID 屬性"
-#: src/config/SSSDConfig.py:206
+#: src/config/SSSDConfig.py:217
#, fuzzy
msgid "Modification time attribute for netgroups"
msgstr "修改時間屬性"
-#: src/config/SSSDConfig.py:209
+#: src/config/SSSDConfig.py:220
msgid "Policy to evaluate the password expiration"
msgstr "評估密碼過期時效的策略"
-#: src/config/SSSDConfig.py:212
+#: src/config/SSSDConfig.py:223
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig.py:213
+#: src/config/SSSDConfig.py:224
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig.py:214
+#: src/config/SSSDConfig.py:225
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig.py:217
+#: src/config/SSSDConfig.py:228
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig.py:218
+#: src/config/SSSDConfig.py:229
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig.py:221
+#: src/config/SSSDConfig.py:232
msgid "Comma separated list of allowed users"
msgstr "許可的使用者清單,請使用半形逗號作為分隔"
-#: src/config/SSSDConfig.py:222
+#: src/config/SSSDConfig.py:233
msgid "Comma separated list of prohibited users"
msgstr "被禁止的使用者清單,請使用半形逗號作為分隔"
-#: src/config/SSSDConfig.py:225
+#: src/config/SSSDConfig.py:236
msgid "Default shell, /bin/bash"
msgstr "預設 shell,/bin/bash"
-#: src/config/SSSDConfig.py:226
+#: src/config/SSSDConfig.py:237
#, fuzzy
msgid "Base for home directories"
msgstr "家目錄的基礎"
-#: src/config/SSSDConfig.py:229
+#: src/config/SSSDConfig.py:240
msgid "The name of the NSS library to use"
msgstr "要使用的 NSS 函式庫名稱"
-#: src/config/SSSDConfig.py:232
+#: src/config/SSSDConfig.py:243
msgid "PAM stack to use"
msgstr "要使用的 PAM 堆疊"
-#: src/monitor/monitor.c:2245
+#: src/monitor/monitor.c:2316
msgid "Become a daemon (default)"
msgstr "作為幕後程式 (預設)"
-#: src/monitor/monitor.c:2247
+#: src/monitor/monitor.c:2318
msgid "Run interactive (not a daemon)"
msgstr "以互動方式執行 (非幕後程式)"
-#: src/monitor/monitor.c:2249
+#: src/monitor/monitor.c:2320
msgid "Specify a non-default config file"
msgstr "指定非預設的配置檔"
#: src/providers/krb5/krb5_child.c:1554 src/providers/ldap/ldap_child.c:360
-#: src/util/util.h:65
+#: src/util/util.h:67
msgid "Debug level"
msgstr "除錯層級"
#: src/providers/krb5/krb5_child.c:1556 src/providers/ldap/ldap_child.c:362
-#: src/util/util.h:69
+#: src/util/util.h:71
msgid "Add debug timestamps"
msgstr "加入除錯時間戳記"
@@ -689,96 +739,96 @@ msgstr "加入除錯時間戳記"
msgid "An open file descriptor for the debug logs"
msgstr "供除錯日誌使用的開啟檔案描述符"
-#: src/providers/data_provider_be.c:1226
+#: src/providers/data_provider_be.c:1196
#, fuzzy
msgid "Domain of the information provider (mandatory)"
msgstr "資訊提供者的網域(委任)"
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:820
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:825
+#: src/sss_client/common.c:823
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:826
#, fuzzy
msgid "Unexpected format of the server credential message."
msgstr "使用者憑證快取的位置"
-#: src/sss_client/common.c:831
+#: src/sss_client/common.c:829
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:836
+#: src/sss_client/common.c:834
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:842
+#: src/sss_client/common.c:840
msgid "Unexpected error while looking for an error description"
msgstr ""
-#: src/sss_client/pam_sss.c:378
+#: src/sss_client/pam_sss.c:374
msgid "Passwords do not match"
msgstr "密碼不相符"
-#: src/sss_client/pam_sss.c:571
+#: src/sss_client/pam_sss.c:567
msgid "Password reset by root is not supported."
msgstr ""
-#: src/sss_client/pam_sss.c:612
+#: src/sss_client/pam_sss.c:608
msgid "Authenticated with cached credentials"
msgstr ""
-#: src/sss_client/pam_sss.c:613
+#: src/sss_client/pam_sss.c:609
msgid ", your cached password will expire at: "
msgstr ",您快取的密碼將在此刻過期:"
-#: src/sss_client/pam_sss.c:643
+#: src/sss_client/pam_sss.c:639
#, c-format
msgid "Your password has expired. You have %d grace login(s) remaining."
msgstr ""
-#: src/sss_client/pam_sss.c:689
+#: src/sss_client/pam_sss.c:685
#, fuzzy, c-format
msgid "Your password will expire in %d %s."
msgstr ",您快取的密碼將在此刻過期:"
-#: src/sss_client/pam_sss.c:738
+#: src/sss_client/pam_sss.c:734
#, fuzzy
msgid "Authentication is denied until: "
msgstr "離線認證,認證被定義到:"
-#: src/sss_client/pam_sss.c:765
+#: src/sss_client/pam_sss.c:761
msgid "System is offline, password change not possible"
msgstr "系統已離線,不可能作密碼變更"
-#: src/sss_client/pam_sss.c:795 src/sss_client/pam_sss.c:808
+#: src/sss_client/pam_sss.c:791 src/sss_client/pam_sss.c:804
msgid "Password change failed. "
msgstr "密碼變更失敗。"
-#: src/sss_client/pam_sss.c:798 src/sss_client/pam_sss.c:809
+#: src/sss_client/pam_sss.c:794 src/sss_client/pam_sss.c:805
msgid "Server message: "
msgstr "伺服器訊息:"
-#: src/sss_client/pam_sss.c:1212
+#: src/sss_client/pam_sss.c:1208
msgid "New Password: "
msgstr "新密碼:"
-#: src/sss_client/pam_sss.c:1213
+#: src/sss_client/pam_sss.c:1209
msgid "Reenter new Password: "
msgstr "再次輸入新密碼:"
-#: src/sss_client/pam_sss.c:1295
+#: src/sss_client/pam_sss.c:1291
msgid "Password: "
msgstr "密碼:"
-#: src/sss_client/pam_sss.c:1327
+#: src/sss_client/pam_sss.c:1323
msgid "Current Password: "
msgstr "目前的密碼:"
-#: src/sss_client/pam_sss.c:1473
+#: src/sss_client/pam_sss.c:1469
msgid "Password expired. Change your password now."
msgstr "密碼已過期。請立刻變更您的密碼。"
@@ -1190,7 +1240,7 @@ msgstr "記憶體耗盡\n"
msgid "%s must be run as root\n"
msgstr "%s 必須以 root 身分執行\n"
-#: src/util/util.h:67
+#: src/util/util.h:69
msgid "Send the debug output to files instead of stderr"
msgstr "傳送除錯輸出到檔案而不是標準輸出"
diff --git a/src/man/po/cs.po b/src/man/po/cs.po
index 43cc73e02..cfe7b2778 100644
--- a/src/man/po/cs.po
+++ b/src/man/po/cs.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sss_daemon 1.2.3\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-04-27 11:41-0300\n"
+"POT-Creation-Date: 2011-08-02 15:55-0300\n"
"PO-Revision-Date: 2010-10-25 10:46+0300\n"
"Last-Translator: Automatically generated\n"
"Language-Team: none\n"
@@ -118,9 +118,9 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><title>
#. type: Content of: <reference><refentry><refsect1><title>
-#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1008 sssd-ldap.5.xml:1464
+#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1106 sssd-ldap.5.xml:1552
#: pam_sss.8.xml:128 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143
-#: sssd-ipa.5.xml:206 sssd.8.xml:166 sss_obfuscate.8.xml:103
+#: sssd-ipa.5.xml:248 sssd.8.xml:166 sss_obfuscate.8.xml:103
#: sss_useradd.8.xml:167 sssd-krb5.5.xml:433 sss_groupadd.8.xml:58
#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58
#: sss_usermod.8.xml:138
@@ -241,7 +241,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:70 sssd.conf.5.xml:854
+#: sssd.conf.5.xml:70 sssd.conf.5.xml:952
msgid "Section parameters"
msgstr ""
@@ -488,8 +488,8 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1049
-#: sssd-ldap.5.xml:1154 sssd-ipa.5.xml:155
+#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1128
+#: sssd-ldap.5.xml:1233 sssd-ipa.5.xml:155
msgid "Default: true"
msgstr ""
@@ -639,15 +639,162 @@ msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:358
+msgid "override_homedir (string)"
+msgstr ""
+
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:367 sssd-krb5.5.xml:166
+msgid "%u"
+msgstr ""
+
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:368 sssd-krb5.5.xml:167
+msgid "login name"
+msgstr ""
+
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:371 sssd-krb5.5.xml:170
+msgid "%U"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:372
+msgid "UID number"
+msgstr ""
+
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:375 sssd-krb5.5.xml:188
+msgid "%d"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:376
+msgid "domain name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:379
+msgid "%f"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:380
+msgid "fully qualified user name (user@domain)"
+msgstr ""
+
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:383 sssd-krb5.5.xml:200
+msgid "%%"
+msgstr ""
+
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:384 sssd-krb5.5.xml:201
+msgid "a literal '%'"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:361
+msgid ""
+"Override the user's home directory. You can either provide an absolute value "
+"or a template. In the template, the following sequences are substituted: "
+"<placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:390
+msgid "This option can also be set per-domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:395
+msgid "allowed_shells (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:398
+msgid ""
+"Restrict user shell to one of the listed values. The order of evaluation is:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:401
+msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:405
+msgid ""
+"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
+"quote>, use the value of the shell_fallback parameter."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:410
+msgid ""
+"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
+"shells</quote>, a nologin shell is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:415
+msgid "An empty string for shell is passed as-is to libc."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:418
+msgid ""
+"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
+"that a restart of the SSSD is required in case a new shell is installed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:422
+msgid "Default: Not set. The user shell is automatically used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:427
+msgid "vetoed_shells (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:430
+msgid "Replace any instance of these shells with the shell_fallback"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:435
+msgid "shell_fallback (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:438
+msgid ""
+"The default shell to use if an allowed shell is not installed on the machine."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:442
+msgid "Default: /bin/sh"
+msgstr ""
+
# type: Content of: <reference><refentry><refsect1><refsect2><title>
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:360
+#: sssd.conf.5.xml:449
msgid "PAM configuration options"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:362
+#: sssd.conf.5.xml:451
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
@@ -655,13 +802,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:367
+#: sssd.conf.5.xml:456
msgid "offline_credentials_expiration (integer)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:370
+#: sssd.conf.5.xml:459
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
@@ -669,19 +816,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:375 sssd.conf.5.xml:388
+#: sssd.conf.5.xml:464 sssd.conf.5.xml:477
msgid "Default: 0 (No limit)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:381
+#: sssd.conf.5.xml:470
msgid "offline_failed_login_attempts (integer)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:384
+#: sssd.conf.5.xml:473
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
@@ -689,13 +836,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:394
+#: sssd.conf.5.xml:483
msgid "offline_failed_login_delay (integer)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:397
+#: sssd.conf.5.xml:486
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
@@ -703,7 +850,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:402
+#: sssd.conf.5.xml:491
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -712,19 +859,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:408 sssd.conf.5.xml:461 sssd.conf.5.xml:793
+#: sssd.conf.5.xml:497 sssd.conf.5.xml:550 sssd.conf.5.xml:882
msgid "Default: 5"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:414
+#: sssd.conf.5.xml:503
msgid "pam_verbosity (integer)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:417
+#: sssd.conf.5.xml:506
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
@@ -732,47 +879,47 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:422
+#: sssd.conf.5.xml:511
msgid "Currently sssd supports the following values:"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:425
+#: sssd.conf.5.xml:514
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:428
+#: sssd.conf.5.xml:517
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:432
+#: sssd.conf.5.xml:521
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:435
+#: sssd.conf.5.xml:524
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:439
+#: sssd.conf.5.xml:528
msgid "Default: 1"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:444
+#: sssd.conf.5.xml:533
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:447
+#: sssd.conf.5.xml:536
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -780,7 +927,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:453
+#: sssd.conf.5.xml:542
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -789,17 +936,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:467
+#: sssd.conf.5.xml:556
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:470
+#: sssd.conf.5.xml:559
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:473
+#: sssd.conf.5.xml:562
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -807,25 +954,25 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:479
+#: sssd.conf.5.xml:568
msgid "Default: 7"
msgstr ""
# type: Content of: <reference><refentry><refsect1><title>
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:488
+#: sssd.conf.5.xml:577
msgid "DOMAIN SECTIONS"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:495
+#: sssd.conf.5.xml:584
msgid "min_id,max_id (integer)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:498
+#: sssd.conf.5.xml:587
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
@@ -833,7 +980,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:503
+#: sssd.conf.5.xml:592
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -843,19 +990,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:510
+#: sssd.conf.5.xml:599
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:516
+#: sssd.conf.5.xml:605
msgid "timeout (integer)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:519
+#: sssd.conf.5.xml:608
msgid ""
"Timeout in seconds between heartbeats for this domain. This is used to "
"ensure that the backend process is alive and capable of answering requests."
@@ -863,19 +1010,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:524
+#: sssd.conf.5.xml:613 sssd-ldap.5.xml:945
msgid "Default: 10"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:619
msgid "enumerate (bool)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:533
+#: sssd.conf.5.xml:622
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
@@ -883,25 +1030,25 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:537
+#: sssd.conf.5.xml:626
msgid "TRUE = Users and groups are enumerated"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:540
+#: sssd.conf.5.xml:629
msgid "FALSE = No enumerations for this domain"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:543 sssd.conf.5.xml:591 sssd.conf.5.xml:645
+#: sssd.conf.5.xml:632 sssd.conf.5.xml:680 sssd.conf.5.xml:734
msgid "Default: FALSE"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:546
+#: sssd.conf.5.xml:635
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -911,7 +1058,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:556
+#: sssd.conf.5.xml:645
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
@@ -919,7 +1066,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:561
+#: sssd.conf.5.xml:650
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -929,13 +1076,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:572
+#: sssd.conf.5.xml:661
msgid "entry_cache_timeout (integer)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:575
+#: sssd.conf.5.xml:664
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
@@ -943,31 +1090,31 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:579
+#: sssd.conf.5.xml:668
msgid "Default: 5400"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:584
+#: sssd.conf.5.xml:673
msgid "cache_credentials (bool)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:587
+#: sssd.conf.5.xml:676
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:596
+#: sssd.conf.5.xml:685
msgid "account_cache_expiration (integer)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:599
+#: sssd.conf.5.xml:688
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -977,55 +1124,55 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:606
+#: sssd.conf.5.xml:695
msgid "Default: 0 (unlimited)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:612
+#: sssd.conf.5.xml:701
msgid "id_provider (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:615
+#: sssd.conf.5.xml:704
msgid "The Data Provider identity backend to use for this domain."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:619
+#: sssd.conf.5.xml:708
msgid "Supported backends:"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:622
+#: sssd.conf.5.xml:711
msgid "proxy: Support a legacy NSS provider"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:625
+#: sssd.conf.5.xml:714
msgid "local: SSSD internal local provider"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:628
+#: sssd.conf.5.xml:717
msgid "ldap: LDAP provider"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:634
+#: sssd.conf.5.xml:723
msgid "use_fully_qualified_names (bool)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:637
+#: sssd.conf.5.xml:726
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1035,13 +1182,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:650
+#: sssd.conf.5.xml:739
msgid "auth_provider (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:653
+#: sssd.conf.5.xml:742
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
@@ -1049,7 +1196,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:657
+#: sssd.conf.5.xml:746
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1058,7 +1205,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:664
+#: sssd.conf.5.xml:753
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1067,20 +1214,20 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:671
+#: sssd.conf.5.xml:760
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:763
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:677
+#: sssd.conf.5.xml:766
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
@@ -1088,13 +1235,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:683
+#: sssd.conf.5.xml:772
msgid "access_provider (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:686
+#: sssd.conf.5.xml:775
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1103,19 +1250,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:692
+#: sssd.conf.5.xml:781
msgid "<quote>permit</quote> always allow access."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:695
+#: sssd.conf.5.xml:784
msgid "<quote>deny</quote> always deny access."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:698
+#: sssd.conf.5.xml:787
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1125,19 +1272,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:705
+#: sssd.conf.5.xml:794
msgid "Default: <quote>permit</quote>"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:710
+#: sssd.conf.5.xml:799
msgid "chpass_provider (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:713
+#: sssd.conf.5.xml:802
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
@@ -1145,7 +1292,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:718
+#: sssd.conf.5.xml:807
msgid ""
"<quote>ipa</quote> to change a password stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1154,7 +1301,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:726
+#: sssd.conf.5.xml:815
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1163,7 +1310,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:734
+#: sssd.conf.5.xml:823
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1172,20 +1319,20 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:742
+#: sssd.conf.5.xml:831
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:746
+#: sssd.conf.5.xml:835
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:749
+#: sssd.conf.5.xml:838
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
@@ -1193,13 +1340,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:756
+#: sssd.conf.5.xml:845
msgid "lookup_family_order (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:759
+#: sssd.conf.5.xml:848
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
@@ -1207,49 +1354,49 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:763
+#: sssd.conf.5.xml:852
msgid "Supported values:"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:766
+#: sssd.conf.5.xml:855
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:769
+#: sssd.conf.5.xml:858
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:772
+#: sssd.conf.5.xml:861
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:775
+#: sssd.conf.5.xml:864
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:778
+#: sssd.conf.5.xml:867
msgid "Default: ipv4_first"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:784
+#: sssd.conf.5.xml:873
msgid "dns_resolver_timeout (integer)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:787
+#: sssd.conf.5.xml:876
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -1258,13 +1405,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:799
+#: sssd.conf.5.xml:888
msgid "dns_discovery_domain (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:802
+#: sssd.conf.5.xml:891
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
@@ -1272,12 +1419,22 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:806
+#: sssd.conf.5.xml:895
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:901
+msgid "override_gid (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:904
+msgid "Override the primary GID value with the one specified."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:490
+#: sssd.conf.5.xml:579
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -1286,19 +1443,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:818
+#: sssd.conf.5.xml:916
msgid "proxy_pam_target (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:821
+#: sssd.conf.5.xml:919
msgid "The proxy target PAM proxies to."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:824
+#: sssd.conf.5.xml:922
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
@@ -1306,13 +1463,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:832
+#: sssd.conf.5.xml:930
msgid "proxy_lib_name (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:835
+#: sssd.conf.5.xml:933
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -1320,7 +1477,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:814
+#: sssd.conf.5.xml:912
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
@@ -1328,13 +1485,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><title>
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:847
+#: sssd.conf.5.xml:945
msgid "The local domain section"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:849
+#: sssd.conf.5.xml:947
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -1343,31 +1500,31 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:856
+#: sssd.conf.5.xml:954
msgid "default_shell (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:859
+#: sssd.conf.5.xml:957
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:863
+#: sssd.conf.5.xml:961
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:868
+#: sssd.conf.5.xml:966
msgid "base_directory (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:871
+#: sssd.conf.5.xml:969
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
@@ -1375,18 +1532,18 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876
+#: sssd.conf.5.xml:974
msgid "Default: <filename>/home</filename>"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:881
+#: sssd.conf.5.xml:979
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:884
+#: sssd.conf.5.xml:982
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
@@ -1394,18 +1551,18 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:888 sssd.conf.5.xml:900
+#: sssd.conf.5.xml:986 sssd.conf.5.xml:998
msgid "Default: TRUE"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:893
+#: sssd.conf.5.xml:991
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:896
+#: sssd.conf.5.xml:994
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
@@ -1413,13 +1570,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:905
+#: sssd.conf.5.xml:1003
msgid "homedir_umask (integer)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:908
+#: sssd.conf.5.xml:1006
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -1428,19 +1585,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:1014
msgid "Default: 077"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:921
+#: sssd.conf.5.xml:1019
msgid "skel_dir (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:1022
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -1450,19 +1607,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:934
+#: sssd.conf.5.xml:1032
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:939
+#: sssd.conf.5.xml:1037
msgid "mail_dir (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:942
+#: sssd.conf.5.xml:1040
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -1471,19 +1628,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:949
+#: sssd.conf.5.xml:1047
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:954
+#: sssd.conf.5.xml:1052
msgid "userdel_cmd (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:957
+#: sssd.conf.5.xml:1055
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -1492,20 +1649,20 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:1061
msgid "Default: None, no command is run"
msgstr ""
# type: Content of: <reference><refentry><refsect1><title>
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:973 sssd-ldap.5.xml:1432 sssd-simple.5.xml:126
-#: sssd-ipa.5.xml:188 sssd-krb5.5.xml:414
+#: sssd.conf.5.xml:1071 sssd-ldap.5.xml:1520 sssd-simple.5.xml:126
+#: sssd-ipa.5.xml:230 sssd-krb5.5.xml:414
msgid "EXAMPLE"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><programlisting>
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:979
+#: sssd.conf.5.xml:1077
#, no-wrap
msgid ""
"[sssd]\n"
@@ -1535,7 +1692,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:975
+#: sssd.conf.5.xml:1073
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -1545,7 +1702,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para>
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1010
+#: sssd.conf.5.xml:1108
msgid ""
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</"
"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</"
@@ -1612,25 +1769,45 @@ msgstr ""
msgid "ldap_uri (string)"
msgstr ""
-# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:63
msgid ""
-"Specifies the list of URIs of the LDAP servers to which SSSD should connect "
-"in the order of preference. Refer to the <quote>FAILOVER</quote> section for "
-"more information on failover and server redundancy. If not specified, "
-"service discovery is enabled. For more information, refer to the "
-"<quote>SERVICE DISCOVERY</quote> section."
+"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD "
+"should connect in the order of preference. Refer to the <quote>FAILOVER</"
+"quote> section for more information on failover and server redundancy. If "
+"not specified, service discovery is enabled. For more information, refer to "
+"the <quote>SERVICE DISCOVERY</quote> section."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:70
+msgid "The format of the URI must match the format defined in RFC 2732:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:73
-msgid "ldap_chpass_uri (string)"
+msgid "ldap[s]://&lt;host&gt;[:port]"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:76
msgid ""
+"For explicit IPv6 addresses, &lt;host&gt; must be enclosed in brackets []"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:79
+msgid "example: ldap://[fc00::126:25]:389"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:85
+msgid "ldap_chpass_uri (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:88
+msgid ""
"Specifies the list of URIs of the LDAP servers to which SSSD should connect "
"in the order of preference to change the password of a user. Refer to the "
"<quote>FAILOVER</quote> section for more information on failover and server "
@@ -1638,30 +1815,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:83
+#: sssd-ldap.5.xml:95
msgid "To enable service discovery ldap_chpass_dns_service_name must be set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:87
+#: sssd-ldap.5.xml:99
msgid "Default: empty, i.e. ldap_uri is used."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:93
+#: sssd-ldap.5.xml:105
msgid "ldap_search_base (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:96
+#: sssd-ldap.5.xml:108
msgid "The default base DN to use for performing LDAP user operations."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:100
+#: sssd-ldap.5.xml:112
msgid ""
"Default: If not set the value of the defaultNamingContext or namingContexts "
"attribute from the RootDSE of the LDAP server is used. If "
@@ -1673,13 +1850,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:114
+#: sssd-ldap.5.xml:126
msgid "ldap_schema (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:117
+#: sssd-ldap.5.xml:129
msgid ""
"Specifies the Schema Type in use on the target LDAP server. Depending on "
"the selected schema, the default attribute names retrieved from the servers "
@@ -1694,61 +1871,66 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:136
+#: sssd-ldap.5.xml:148
msgid "Default: rfc2307"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:142
+#: sssd-ldap.5.xml:154
msgid "ldap_default_bind_dn (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:145
+#: sssd-ldap.5.xml:157
msgid "The default bind DN to use for performing LDAP operations."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:152
+#: sssd-ldap.5.xml:164
msgid "ldap_default_authtok_type (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:155
+#: sssd-ldap.5.xml:167
msgid "The type of the authentication token of the default bind DN."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:159
+#: sssd-ldap.5.xml:171
msgid "The two mechanisms currently supported are:"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:162
+#: sssd-ldap.5.xml:174
msgid "password"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:165
+#: sssd-ldap.5.xml:177
msgid "obfuscated_password"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:180
+msgid "Default: password"
+msgstr ""
+
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:171
+#: sssd-ldap.5.xml:186
msgid "ldap_default_authtok (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:174
+#: sssd-ldap.5.xml:189
msgid ""
"The authentication token of the default bind DN. Only clear text passwords "
"are currently supported."
@@ -1756,157 +1938,157 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:181
+#: sssd-ldap.5.xml:196
msgid "ldap_user_object_class (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:184
+#: sssd-ldap.5.xml:199
msgid "The object class of a user entry in LDAP."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:187
+#: sssd-ldap.5.xml:202
msgid "Default: posixAccount"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:193
+#: sssd-ldap.5.xml:208
msgid "ldap_user_name (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:196
+#: sssd-ldap.5.xml:211
msgid "The LDAP attribute that corresponds to the user's login name."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:200
+#: sssd-ldap.5.xml:215
msgid "Default: uid"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:206
+#: sssd-ldap.5.xml:221
msgid "ldap_user_uid_number (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:209
+#: sssd-ldap.5.xml:224
msgid "The LDAP attribute that corresponds to the user's id."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:213
+#: sssd-ldap.5.xml:228
msgid "Default: uidNumber"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:219
+#: sssd-ldap.5.xml:234
msgid "ldap_user_gid_number (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:222
+#: sssd-ldap.5.xml:237
msgid "The LDAP attribute that corresponds to the user's primary group id."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:226 sssd-ldap.5.xml:642
+#: sssd-ldap.5.xml:241 sssd-ldap.5.xml:698
msgid "Default: gidNumber"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:232
+#: sssd-ldap.5.xml:247
msgid "ldap_user_gecos (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:235
+#: sssd-ldap.5.xml:250
msgid "The LDAP attribute that corresponds to the user's gecos field."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:239
+#: sssd-ldap.5.xml:254
msgid "Default: gecos"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:245
+#: sssd-ldap.5.xml:260
msgid "ldap_user_home_directory (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:248
+#: sssd-ldap.5.xml:263
msgid "The LDAP attribute that contains the name of the user's home directory."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:252
+#: sssd-ldap.5.xml:267
msgid "Default: homeDirectory"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:258
+#: sssd-ldap.5.xml:273
msgid "ldap_user_shell (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:261
+#: sssd-ldap.5.xml:276
msgid "The LDAP attribute that contains the path to the user's default shell."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:265
+#: sssd-ldap.5.xml:280
msgid "Default: loginShell"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:271
+#: sssd-ldap.5.xml:286
msgid "ldap_user_uuid (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:274
+#: sssd-ldap.5.xml:289
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:278 sssd-ldap.5.xml:668 sssd-ldap.5.xml:761
+#: sssd-ldap.5.xml:293 sssd-ldap.5.xml:724 sssd-ldap.5.xml:817
msgid "Default: nsUniqueId"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:284
+#: sssd-ldap.5.xml:299
msgid "ldap_user_modify_timestamp (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:287 sssd-ldap.5.xml:677 sssd-ldap.5.xml:770
+#: sssd-ldap.5.xml:302 sssd-ldap.5.xml:733 sssd-ldap.5.xml:826
msgid ""
"The LDAP attribute that contains timestamp of the last modification of the "
"parent object."
@@ -1914,19 +2096,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:291 sssd-ldap.5.xml:681 sssd-ldap.5.xml:774
+#: sssd-ldap.5.xml:306 sssd-ldap.5.xml:737 sssd-ldap.5.xml:830
msgid "Default: modifyTimestamp"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:297
+#: sssd-ldap.5.xml:312
msgid "ldap_user_shadow_last_change (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:300
+#: sssd-ldap.5.xml:315
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -1936,19 +2118,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:310
+#: sssd-ldap.5.xml:325
msgid "Default: shadowLastChange"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:316
+#: sssd-ldap.5.xml:331
msgid "ldap_user_shadow_min (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:319
+#: sssd-ldap.5.xml:334
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -1958,19 +2140,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:328
+#: sssd-ldap.5.xml:343
msgid "Default: shadowMin"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:334
+#: sssd-ldap.5.xml:349
msgid "ldap_user_shadow_max (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:337
+#: sssd-ldap.5.xml:352
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -1980,19 +2162,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:346
+#: sssd-ldap.5.xml:361
msgid "Default: shadowMax"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:352
+#: sssd-ldap.5.xml:367
msgid "ldap_user_shadow_warning (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:355
+#: sssd-ldap.5.xml:370
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -2002,19 +2184,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:365
+#: sssd-ldap.5.xml:380
msgid "Default: shadowWarning"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:371
+#: sssd-ldap.5.xml:386
msgid "ldap_user_shadow_inactive (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:374
+#: sssd-ldap.5.xml:389
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -2024,18 +2206,18 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:384
+#: sssd-ldap.5.xml:399
msgid "Default: shadowInactive"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:390
+#: sssd-ldap.5.xml:405
msgid "ldap_user_shadow_expire (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:393
+#: sssd-ldap.5.xml:408
msgid ""
"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this "
"parameter contains the name of an LDAP attribute corresponding to its "
@@ -2045,19 +2227,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:403
+#: sssd-ldap.5.xml:418
msgid "Default: shadowExpire"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:409
+#: sssd-ldap.5.xml:424
msgid "ldap_user_krb_last_pwd_change (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:412
+#: sssd-ldap.5.xml:427
msgid ""
"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of "
"an LDAP attribute storing the date and time of last password change in "
@@ -2066,19 +2248,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:418
+#: sssd-ldap.5.xml:433
msgid "Default: krbLastPwdChange"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:424
+#: sssd-ldap.5.xml:439
msgid "ldap_user_krb_password_expiration (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:427
+#: sssd-ldap.5.xml:442
msgid ""
"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of "
"an LDAP attribute storing the date and time when current password expires."
@@ -2086,70 +2268,116 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:433
+#: sssd-ldap.5.xml:448
msgid "Default: krbPasswordExpiration"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:439
+#: sssd-ldap.5.xml:454
msgid "ldap_user_ad_account_expires (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:442
+#: sssd-ldap.5.xml:457
msgid ""
"When using ldap_account_expire_policy=ad, this parameter contains the name "
"of an LDAP attribute storing the expiration time of the account."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:447
+#: sssd-ldap.5.xml:462
msgid "Default: accountExpires"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:453
+#: sssd-ldap.5.xml:468
msgid "ldap_user_ad_user_account_control (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:456
+#: sssd-ldap.5.xml:471
msgid ""
"When using ldap_account_expire_policy=ad, this parameter contains the name "
"of an LDAP attribute storing the user account control bit field."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:461
+#: sssd-ldap.5.xml:476
msgid "Default: userAccountControl"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:467
+#: sssd-ldap.5.xml:482
msgid "ldap_ns_account_lock (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:470
+#: sssd-ldap.5.xml:485
msgid ""
"When using ldap_account_expire_policy=rhds or equivalent, this parameter "
"determines if access is allowed or not."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:475
+#: sssd-ldap.5.xml:490
msgid "Default: nsAccountLock"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:496
+msgid "ldap_user_nds_login_disabled (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:499
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines if "
+"access is allowed or not."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:503 sssd-ldap.5.xml:517
+msgid "Default: loginDisabled"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:509
+msgid "ldap_user_nds_login_expiration_time (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:512
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines until "
+"which date access is granted."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:523
+msgid "ldap_user_nds_login_allowed_time_map (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:526
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines the "
+"hours of a day in a week when access is granted."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:531
+msgid "Default: loginAllowedTimeMap"
+msgstr ""
+
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:481
+#: sssd-ldap.5.xml:537
msgid "ldap_user_principal (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:484
+#: sssd-ldap.5.xml:540
msgid ""
"The LDAP attribute that contains the user's Kerberos User Principal Name "
"(UPN)."
@@ -2157,19 +2385,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:488
+#: sssd-ldap.5.xml:544
msgid "Default: krbPrincipalName"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:494
+#: sssd-ldap.5.xml:550
msgid "ldap_force_upper_case_realm (boolean)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:497
+#: sssd-ldap.5.xml:553
msgid ""
"Some directory servers, for example Active Directory, might deliver the "
"realm part of the UPN in lower case, which might cause the authentication to "
@@ -2179,20 +2407,20 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:504 sssd-ldap.5.xml:995 sssd-ipa.5.xml:115 sssd.8.xml:64
+#: sssd-ldap.5.xml:560 sssd-ldap.5.xml:1074 sssd-ipa.5.xml:115 sssd.8.xml:64
#: sssd-krb5.5.xml:235 sssd-krb5.5.xml:266
msgid "Default: false"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:510
+#: sssd-ldap.5.xml:566
msgid "ldap_enumeration_refresh_timeout (integer)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:513
+#: sssd-ldap.5.xml:569
msgid ""
"The LDAP attribute that contains how many seconds SSSD has to wait before "
"refreshing its cache of enumerated records."
@@ -2200,19 +2428,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:518
+#: sssd-ldap.5.xml:574
msgid "Default: 300"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:524
+#: sssd-ldap.5.xml:580
msgid "ldap_purge_cache_timeout"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:527
+#: sssd-ldap.5.xml:583
msgid ""
"Determine how often to check the cache for inactive entries (such as groups "
"with no members and users who have never logged in) and remove them to save "
@@ -2221,59 +2449,59 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:533
+#: sssd-ldap.5.xml:589
msgid "Setting this option to zero will disable the cache cleanup operation."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:537
+#: sssd-ldap.5.xml:593
msgid "Default: 10800 (12 hours)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:543
+#: sssd-ldap.5.xml:599
msgid "ldap_user_fullname (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:546
+#: sssd-ldap.5.xml:602
msgid "The LDAP attribute that corresponds to the user's full name."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:550 sssd-ldap.5.xml:629 sssd-ldap.5.xml:722
+#: sssd-ldap.5.xml:606 sssd-ldap.5.xml:685 sssd-ldap.5.xml:778
msgid "Default: cn"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:556
+#: sssd-ldap.5.xml:612
msgid "ldap_user_member_of (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:559
+#: sssd-ldap.5.xml:615
msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:563
+#: sssd-ldap.5.xml:619
msgid "Default: memberOf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:569
+#: sssd-ldap.5.xml:625
msgid "ldap_user_authorized_service (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:572
+#: sssd-ldap.5.xml:628
msgid ""
"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will "
"use the presence of the authorizedService attribute in the user's LDAP entry "
@@ -2281,24 +2509,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:579
+#: sssd-ldap.5.xml:635
msgid ""
"An explicit deny (!svc) is resolved first. Second, SSSD searches for "
"explicit allow (svc) and finally for allow_all (*)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:584
+#: sssd-ldap.5.xml:640
msgid "Default: authorizedService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:590
+#: sssd-ldap.5.xml:646
msgid "ldap_user_authorized_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:593
+#: sssd-ldap.5.xml:649
msgid ""
"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
"presence of the host attribute in the user's LDAP entry to determine access "
@@ -2306,104 +2534,104 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:599
+#: sssd-ldap.5.xml:655
msgid ""
"An explicit deny (!host) is resolved first. Second, SSSD searches for "
"explicit allow (host) and finally for allow_all (*)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:604
+#: sssd-ldap.5.xml:660
msgid "Default: host"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:610
+#: sssd-ldap.5.xml:666
msgid "ldap_group_object_class (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:613
+#: sssd-ldap.5.xml:669
msgid "The object class of a group entry in LDAP."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:616
+#: sssd-ldap.5.xml:672
msgid "Default: posixGroup"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:622
+#: sssd-ldap.5.xml:678
msgid "ldap_group_name (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:625
+#: sssd-ldap.5.xml:681
msgid "The LDAP attribute that corresponds to the group name."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:635
+#: sssd-ldap.5.xml:691
msgid "ldap_group_gid_number (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:638
+#: sssd-ldap.5.xml:694
msgid "The LDAP attribute that corresponds to the group's id."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:648
+#: sssd-ldap.5.xml:704
msgid "ldap_group_member (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:651
+#: sssd-ldap.5.xml:707
msgid "The LDAP attribute that contains the names of the group's members."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:655
+#: sssd-ldap.5.xml:711
msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:661
+#: sssd-ldap.5.xml:717
msgid "ldap_group_uuid (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:664
+#: sssd-ldap.5.xml:720
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:674
+#: sssd-ldap.5.xml:730
msgid "ldap_group_modify_timestamp (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:687
+#: sssd-ldap.5.xml:743
msgid "ldap_group_nesting_level (integer)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:690
+#: sssd-ldap.5.xml:746
msgid ""
"If ldap_schema is set to a schema format that supports nested groups (e.g. "
"RFC2307bis), then this option controls how many levels of nesting SSSD will "
@@ -2412,104 +2640,104 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:697
+#: sssd-ldap.5.xml:753
msgid "Default: 2"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:703
+#: sssd-ldap.5.xml:759
msgid "ldap_netgroup_object_class (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:706
+#: sssd-ldap.5.xml:762
msgid "The object class of a netgroup entry in LDAP."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:709
+#: sssd-ldap.5.xml:765
msgid "Default: nisNetgroup"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:715
+#: sssd-ldap.5.xml:771
msgid "ldap_netgroup_name (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:718
+#: sssd-ldap.5.xml:774
msgid "The LDAP attribute that corresponds to the netgroup name."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:728
+#: sssd-ldap.5.xml:784
msgid "ldap_netgroup_member (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:731
+#: sssd-ldap.5.xml:787
msgid "The LDAP attribute that contains the names of the netgroup's members."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:735
+#: sssd-ldap.5.xml:791
msgid "Default: memberNisNetgroup"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:741
+#: sssd-ldap.5.xml:797
msgid "ldap_netgroup_triple (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:744
+#: sssd-ldap.5.xml:800
msgid ""
"The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:748
+#: sssd-ldap.5.xml:804
msgid "Default: nisNetgroupTriple"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:754
+#: sssd-ldap.5.xml:810
msgid "ldap_netgroup_uuid (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:757
+#: sssd-ldap.5.xml:813
msgid ""
"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:767
+#: sssd-ldap.5.xml:823
msgid "ldap_netgroup_modify_timestamp (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:780
+#: sssd-ldap.5.xml:836
msgid "ldap_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:783
+#: sssd-ldap.5.xml:839
msgid ""
"Specifies the timeout (in seconds) that ldap searches are allowed to run "
"before they are cancelled and cached results are returned (and offline mode "
@@ -2517,7 +2745,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:789
+#: sssd-ldap.5.xml:845
msgid ""
"Note: this option is subject to change in future versions of the SSSD. It "
"will likely be replaced at some point by a series of timeouts for specific "
@@ -2526,17 +2754,17 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:795 sssd-ldap.5.xml:837 sssd-ldap.5.xml:852
+#: sssd-ldap.5.xml:851 sssd-ldap.5.xml:893 sssd-ldap.5.xml:908
msgid "Default: 6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:801
+#: sssd-ldap.5.xml:857
msgid "ldap_enumeration_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:804
+#: sssd-ldap.5.xml:860
msgid ""
"Specifies the timeout (in seconds) that ldap searches for user and group "
"enumerations are allowed to run before they are cancelled and cached results "
@@ -2545,19 +2773,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:811
+#: sssd-ldap.5.xml:867
msgid "Default: 60"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:817
+#: sssd-ldap.5.xml:873
msgid "ldap_network_timeout (integer)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:820
+#: sssd-ldap.5.xml:876
msgid ""
"Specifies the timeout (in seconds) after which the <citerefentry> "
"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
@@ -2569,13 +2797,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:843
+#: sssd-ldap.5.xml:899
msgid "ldap_opt_timeout (integer)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:846
+#: sssd-ldap.5.xml:902
msgid ""
"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
"will abort if no response is received. Also controls the timeout when "
@@ -2583,31 +2811,53 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:858
+#: sssd-ldap.5.xml:914
msgid "ldap_page_size (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:861
+#: sssd-ldap.5.xml:917
msgid ""
"Specify the number of records to retrieve from LDAP in a single request. "
"Some LDAP servers enforce a maximum limit per-request."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:866
+#: sssd-ldap.5.xml:922
msgid "Default: 1000"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:928
+msgid "ldap_deref_threshold (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:931
+msgid ""
+"Specify the number of group members that must be missing from the internal "
+"cache in order to trigger a dereference lookup. If less members are missing, "
+"they are looked up individually."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:937
+msgid ""
+"A dereference lookup is a means of fetching all group members in a single "
+"LDAP call. Different LDAP servers may implement different dereference "
+"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active "
+"Directory."
+msgstr ""
+
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:872
+#: sssd-ldap.5.xml:951
msgid "ldap_tls_reqcert (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:875
+#: sssd-ldap.5.xml:954
msgid ""
"Specifies what checks to perform on server certificates in a TLS session, if "
"any. It can be specified as one of the following values:"
@@ -2615,7 +2865,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:881
+#: sssd-ldap.5.xml:960
msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
@@ -2623,7 +2873,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:885
+#: sssd-ldap.5.xml:964
msgid ""
"<emphasis>allow</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -2632,7 +2882,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:892
+#: sssd-ldap.5.xml:971
msgid ""
"<emphasis>try</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -2641,7 +2891,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:898
+#: sssd-ldap.5.xml:977
msgid ""
"<emphasis>demand</emphasis> = The server certificate is requested. If no "
"certificate is provided, or a bad certificate is provided, the session is "
@@ -2650,25 +2900,25 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:904
+#: sssd-ldap.5.xml:983
msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:908
+#: sssd-ldap.5.xml:987
msgid "Default: hard"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:914
+#: sssd-ldap.5.xml:993
msgid "ldap_tls_cacert (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:917
+#: sssd-ldap.5.xml:996
msgid ""
"Specifies the file that contains certificates for all of the Certificate "
"Authorities that <command>sssd</command> will recognize."
@@ -2676,7 +2926,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:922 sssd-ldap.5.xml:940 sssd-ldap.5.xml:981
+#: sssd-ldap.5.xml:1001 sssd-ldap.5.xml:1019 sssd-ldap.5.xml:1060
msgid ""
"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
"conf</filename>"
@@ -2684,13 +2934,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:929
+#: sssd-ldap.5.xml:1008
msgid "ldap_tls_cacertdir (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:932
+#: sssd-ldap.5.xml:1011
msgid ""
"Specifies the path of a directory that contains Certificate Authority "
"certificates in separate individual files. Typically the file names need to "
@@ -2699,38 +2949,38 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:947
+#: sssd-ldap.5.xml:1026
msgid "ldap_tls_cert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:950
+#: sssd-ldap.5.xml:1029
msgid "Specifies the file that contains the certificate for the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:954 sssd-ldap.5.xml:966 sssd-ldap.5.xml:1395
-#: sssd-ldap.5.xml:1418 sssd-krb5.5.xml:356
+#: sssd-ldap.5.xml:1033 sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1483
+#: sssd-ldap.5.xml:1506 sssd-krb5.5.xml:356
msgid "Default: not set"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:960
+#: sssd-ldap.5.xml:1039
msgid "ldap_tls_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:963
+#: sssd-ldap.5.xml:1042
msgid "Specifies the file that contains the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:972
+#: sssd-ldap.5.xml:1051
msgid "ldap_tls_cipher_suite (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:975
+#: sssd-ldap.5.xml:1054
msgid ""
"Specifies acceptable cipher suites. Typically this is a colon sperated "
"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
@@ -2739,13 +2989,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:988
+#: sssd-ldap.5.xml:1067
msgid "ldap_id_use_start_tls (boolean)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:991
+#: sssd-ldap.5.xml:1070
msgid ""
"Specifies that the id_provider connection must also use <systemitem class="
"\"protocol\">tls</systemitem> to protect the channel."
@@ -2753,13 +3003,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1001
+#: sssd-ldap.5.xml:1080
msgid "ldap_sasl_mech (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1004
+#: sssd-ldap.5.xml:1083
msgid ""
"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
"supported."
@@ -2767,19 +3017,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1136
+#: sssd-ldap.5.xml:1087 sssd-ldap.5.xml:1215
msgid "Default: none"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1014
+#: sssd-ldap.5.xml:1093
msgid "ldap_sasl_authid (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1017
+#: sssd-ldap.5.xml:1096
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
"represents the Kerberos principal used for authentication to the directory."
@@ -2787,37 +3037,37 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1022
+#: sssd-ldap.5.xml:1101
msgid "Default: host/machine.fqdn@REALM"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1028
+#: sssd-ldap.5.xml:1107
msgid "ldap_krb5_keytab (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1031
+#: sssd-ldap.5.xml:1110
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1034
+#: sssd-ldap.5.xml:1113
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1040
+#: sssd-ldap.5.xml:1119
msgid "ldap_krb5_init_creds (boolean)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1043
+#: sssd-ldap.5.xml:1122
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -2826,31 +3076,31 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1055
+#: sssd-ldap.5.xml:1134
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1058
+#: sssd-ldap.5.xml:1137
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1062
+#: sssd-ldap.5.xml:1141
msgid "Default: 86400 (24 hours)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1068 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1147 sssd-krb5.5.xml:74
msgid "krb5_server (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1071 sssd-krb5.5.xml:77
+#: sssd-ldap.5.xml:1150 sssd-krb5.5.xml:77
msgid ""
"Specifies the list of IP addresses or hostnames of the Kerberos servers to "
"which SSSD should connect in the order of preference. For more information "
@@ -2861,7 +3111,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1083 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1162 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -2870,7 +3120,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1088 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1167 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -2879,31 +3129,31 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1097 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1176 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1100
+#: sssd-ldap.5.xml:1179
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1103
+#: sssd-ldap.5.xml:1182
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1109
+#: sssd-ldap.5.xml:1188
msgid "ldap_pwd_policy (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1112
+#: sssd-ldap.5.xml:1191
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
@@ -2911,7 +3161,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1117
+#: sssd-ldap.5.xml:1196
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
@@ -2919,7 +3169,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1122
+#: sssd-ldap.5.xml:1201
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -2929,7 +3179,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1130
+#: sssd-ldap.5.xml:1209
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -2938,19 +3188,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1142
+#: sssd-ldap.5.xml:1221
msgid "ldap_referrals (boolean)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1145
+#: sssd-ldap.5.xml:1224
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1149
+#: sssd-ldap.5.xml:1228
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
@@ -2958,48 +3208,48 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1160
+#: sssd-ldap.5.xml:1239
msgid "ldap_dns_service_name (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1163
+#: sssd-ldap.5.xml:1242
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1167
+#: sssd-ldap.5.xml:1246
msgid "Default: ldap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1173
+#: sssd-ldap.5.xml:1252
msgid "ldap_chpass_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1176
+#: sssd-ldap.5.xml:1255
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1181
+#: sssd-ldap.5.xml:1260
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1187
+#: sssd-ldap.5.xml:1266
msgid "ldap_access_filter (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1190
+#: sssd-ldap.5.xml:1269
msgid ""
"If using access_provider = ldap, this option is mandatory. It specifies an "
"LDAP search filter criteria that must be met for the user to be granted "
@@ -3010,13 +3260,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1200 sssd-ldap.5.xml:1398
+#: sssd-ldap.5.xml:1279 sssd-ldap.5.xml:1486
msgid "Example:"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1203
+#: sssd-ldap.5.xml:1282
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -3026,7 +3276,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1207
+#: sssd-ldap.5.xml:1286
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
@@ -3034,7 +3284,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1212
+#: sssd-ldap.5.xml:1291
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -3044,24 +3294,24 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1220 sssd-ldap.5.xml:1261
+#: sssd-ldap.5.xml:1299 sssd-ldap.5.xml:1349
msgid "Default: Empty"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1226
+#: sssd-ldap.5.xml:1305
msgid "ldap_account_expire_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1229
+#: sssd-ldap.5.xml:1308
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1233
+#: sssd-ldap.5.xml:1312
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -3069,19 +3319,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1240
+#: sssd-ldap.5.xml:1319
msgid "The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1243
+#: sssd-ldap.5.xml:1322
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1248
+#: sssd-ldap.5.xml:1327
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -3090,52 +3340,61 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1255
+#: sssd-ldap.5.xml:1334
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
"allowed or not."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1340
+msgid ""
+"<emphasis>nds</emphasis>: the values of "
+"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
+"ldap_user_nds_login_expiration_time are used to check if access is allowed. "
+"If both attributes are missing access is granted."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1267
+#: sssd-ldap.5.xml:1355
msgid "ldap_access_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1270
+#: sssd-ldap.5.xml:1358
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1274
+#: sssd-ldap.5.xml:1362
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1277
+#: sssd-ldap.5.xml:1365
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1281
+#: sssd-ldap.5.xml:1369
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1286
+#: sssd-ldap.5.xml:1374
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1290
+#: sssd-ldap.5.xml:1378
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1293
+#: sssd-ldap.5.xml:1381
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
@@ -3143,13 +3402,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1300
+#: sssd-ldap.5.xml:1388
msgid "ldap_deref (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1303
+#: sssd-ldap.5.xml:1391
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
@@ -3157,13 +3416,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1308
+#: sssd-ldap.5.xml:1396
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1312
+#: sssd-ldap.5.xml:1400
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
@@ -3171,7 +3430,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1317
+#: sssd-ldap.5.xml:1405
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
@@ -3179,7 +3438,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1322
+#: sssd-ldap.5.xml:1410
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
@@ -3187,7 +3446,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1327
+#: sssd-ldap.5.xml:1415
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
@@ -3205,67 +3464,67 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><title>
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1339
+#: sssd-ldap.5.xml:1427
msgid "ADVANCED OPTIONS"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1346
+#: sssd-ldap.5.xml:1434
msgid "ldap_netgroup_search_base (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1349
+#: sssd-ldap.5.xml:1437
msgid ""
"An optional base DN to restrict netgroup searches to a specific subtree."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1353 sssd-ldap.5.xml:1367 sssd-ldap.5.xml:1381
+#: sssd-ldap.5.xml:1441 sssd-ldap.5.xml:1455 sssd-ldap.5.xml:1469
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1360
+#: sssd-ldap.5.xml:1448
msgid "ldap_user_search_base (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1363
+#: sssd-ldap.5.xml:1451
msgid "An optional base DN to restrict user searches to a specific subtree."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1374
+#: sssd-ldap.5.xml:1462
msgid "ldap_group_search_base (string)"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1377
+#: sssd-ldap.5.xml:1465
msgid "An optional base DN to restrict group searches to a specific subtree."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1388
+#: sssd-ldap.5.xml:1476
msgid "ldap_user_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1391
+#: sssd-ldap.5.xml:1479
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1401
+#: sssd-ldap.5.xml:1489
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -3273,26 +3532,26 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1404
+#: sssd-ldap.5.xml:1492
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1411
+#: sssd-ldap.5.xml:1499
msgid "ldap_group_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1414
+#: sssd-ldap.5.xml:1502
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1341
+#: sssd-ldap.5.xml:1429
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -3301,7 +3560,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para>
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1434
+#: sssd-ldap.5.xml:1522
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -3310,7 +3569,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><programlisting>
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:1440
+#: sssd-ldap.5.xml:1528
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -3324,20 +3583,20 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1439 sssd-simple.5.xml:134 sssd-ipa.5.xml:196
+#: sssd-ldap.5.xml:1527 sssd-simple.5.xml:134 sssd-ipa.5.xml:238
#: sssd-krb5.5.xml:423
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
# type: Content of: <reference><refentry><refsect1><title>
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1453 sssd_krb5_locator_plugin.8.xml:61
+#: sssd-ldap.5.xml:1541 sssd_krb5_locator_plugin.8.xml:61
msgid "NOTES"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para>
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1543
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -3347,7 +3606,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para>
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1466
+#: sssd-ldap.5.xml:1554
msgid ""
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</"
"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</"
@@ -3904,9 +4163,60 @@ msgid ""
"converted into the base DN to use for performing LDAP operations."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:179
+msgid "ipa_hbac_refresh (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:182
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server. "
+"This will reduce the latency and load on the IPA server if there are many "
+"access-control requests made in a short period."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:189
+msgid "Default: 5 (seconds)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:194
+msgid "ipa_hbac_treat_deny_as (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:197
+msgid ""
+"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
+"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
+"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The "
+"client will support two modes of operation during this transition period:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:206
+msgid ""
+"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
+"users will be denied access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:211
+msgid ""
+"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
+"careful with this option, as it may result in opening unintended access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:216
+msgid "Default: DENY_ALL"
+msgstr ""
+
# type: Content of: <reference><refentry><refsect1><para>
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:190
+#: sssd-ipa.5.xml:232
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -3915,7 +4225,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><programlisting>
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:197
+#: sssd-ipa.5.xml:239
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -3926,7 +4236,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para>
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:208
+#: sssd-ipa.5.xml:250
msgid ""
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</"
"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</"
@@ -4546,24 +4856,6 @@ msgstr ""
msgid "krb5_ccname_template (string)"
msgstr ""
-# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:166
-msgid "%u"
-msgstr ""
-
-# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:167
-msgid "login name"
-msgstr ""
-
-# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:170
-msgid "%U"
-msgstr ""
-
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:171
@@ -4606,12 +4898,6 @@ msgstr ""
msgid "home directory"
msgstr ""
-# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:188
-msgid "%d"
-msgstr ""
-
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:189
@@ -4630,18 +4916,6 @@ msgstr ""
msgid "the process ID of the sssd client"
msgstr ""
-# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:200
-msgid "%%"
-msgstr ""
-
-# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:201
-msgid "a literal '%'"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:160
msgid ""
diff --git a/src/man/po/es.po b/src/man/po/es.po
index 6445ef009..48da63767 100644
--- a/src/man/po/es.po
+++ b/src/man/po/es.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-04-27 11:41-0300\n"
+"POT-Creation-Date: 2011-08-02 15:55-0300\n"
"PO-Revision-Date: 2011-03-08 15:06+0000\n"
"Last-Translator: sgallagh <sgallagh@redhat.com>\n"
"Language-Team: Spanish (Castilian) <None>\n"
@@ -119,9 +119,9 @@ msgstr ""
"<replaceable>GROUPS</replaceable>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1008 sssd-ldap.5.xml:1464
+#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1106 sssd-ldap.5.xml:1552
#: pam_sss.8.xml:128 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143
-#: sssd-ipa.5.xml:206 sssd.8.xml:166 sss_obfuscate.8.xml:103
+#: sssd-ipa.5.xml:248 sssd.8.xml:166 sss_obfuscate.8.xml:103
#: sss_useradd.8.xml:167 sssd-krb5.5.xml:433 sss_groupadd.8.xml:58
#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58
#: sss_usermod.8.xml:138
@@ -256,7 +256,7 @@ msgid "The [sssd] section"
msgstr "La sección [sssd]"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:70 sssd.conf.5.xml:854
+#: sssd.conf.5.xml:70 sssd.conf.5.xml:952
msgid "Section parameters"
msgstr "Parámetros de sección"
@@ -504,8 +504,8 @@ msgid "Add a timestamp to the debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1049
-#: sssd-ldap.5.xml:1154 sssd-ipa.5.xml:155
+#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1128
+#: sssd-ldap.5.xml:1233 sssd-ipa.5.xml:155
msgid "Default: true"
msgstr ""
@@ -636,61 +636,206 @@ msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:358
+msgid "override_homedir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:367 sssd-krb5.5.xml:166
+msgid "%u"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:368 sssd-krb5.5.xml:167
+msgid "login name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:371 sssd-krb5.5.xml:170
+msgid "%U"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:372
+msgid "UID number"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:375 sssd-krb5.5.xml:188
+msgid "%d"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:376
+#, fuzzy
+#| msgid "domains"
+msgid "domain name"
+msgstr "dominios"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:379
+msgid "%f"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:380
+msgid "fully qualified user name (user@domain)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:383 sssd-krb5.5.xml:200
+msgid "%%"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:384 sssd-krb5.5.xml:201
+msgid "a literal '%'"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:361
+msgid ""
+"Override the user's home directory. You can either provide an absolute value "
+"or a template. In the template, the following sequences are substituted: "
+"<placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:390
+msgid "This option can also be set per-domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:395
+msgid "allowed_shells (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:398
+msgid ""
+"Restrict user shell to one of the listed values. The order of evaluation is:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:401
+msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:405
+msgid ""
+"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
+"quote>, use the value of the shell_fallback parameter."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:410
+msgid ""
+"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
+"shells</quote>, a nologin shell is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:415
+msgid "An empty string for shell is passed as-is to libc."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:418
+msgid ""
+"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
+"that a restart of the SSSD is required in case a new shell is installed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:422
+msgid "Default: Not set. The user shell is automatically used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:427
+msgid "vetoed_shells (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:430
+msgid "Replace any instance of these shells with the shell_fallback"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:435
+msgid "shell_fallback (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:438
+msgid ""
+"The default shell to use if an allowed shell is not installed on the machine."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:442
+#, fuzzy
+#| msgid "Default: 3"
+msgid "Default: /bin/sh"
+msgstr "Predeterminado: 3"
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:360
+#: sssd.conf.5.xml:449
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:362
+#: sssd.conf.5.xml:451
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:367
+#: sssd.conf.5.xml:456
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:370
+#: sssd.conf.5.xml:459
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:375 sssd.conf.5.xml:388
+#: sssd.conf.5.xml:464 sssd.conf.5.xml:477
msgid "Default: 0 (No limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:381
+#: sssd.conf.5.xml:470
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:384
+#: sssd.conf.5.xml:473
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:394
+#: sssd.conf.5.xml:483
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:397
+#: sssd.conf.5.xml:486
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:402
+#: sssd.conf.5.xml:491
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -698,59 +843,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:408 sssd.conf.5.xml:461 sssd.conf.5.xml:793
+#: sssd.conf.5.xml:497 sssd.conf.5.xml:550 sssd.conf.5.xml:882
msgid "Default: 5"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:414
+#: sssd.conf.5.xml:503
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:417
+#: sssd.conf.5.xml:506
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:422
+#: sssd.conf.5.xml:511
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:425
+#: sssd.conf.5.xml:514
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:428
+#: sssd.conf.5.xml:517
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:432
+#: sssd.conf.5.xml:521
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:435
+#: sssd.conf.5.xml:524
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:439
+#: sssd.conf.5.xml:528
msgid "Default: 1"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:444
+#: sssd.conf.5.xml:533
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:447
+#: sssd.conf.5.xml:536
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -758,7 +903,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:453
+#: sssd.conf.5.xml:542
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -767,17 +912,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:467
+#: sssd.conf.5.xml:556
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:470
+#: sssd.conf.5.xml:559
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:473
+#: sssd.conf.5.xml:562
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -785,29 +930,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:479
+#: sssd.conf.5.xml:568
msgid "Default: 7"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:488
+#: sssd.conf.5.xml:577
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:495
+#: sssd.conf.5.xml:584
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:498
+#: sssd.conf.5.xml:587
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:503
+#: sssd.conf.5.xml:592
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -816,56 +961,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:510
+#: sssd.conf.5.xml:599
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:516
+#: sssd.conf.5.xml:605
msgid "timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:519
+#: sssd.conf.5.xml:608
msgid ""
"Timeout in seconds between heartbeats for this domain. This is used to "
"ensure that the backend process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:524
+#: sssd.conf.5.xml:613 sssd-ldap.5.xml:945
msgid "Default: 10"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:619
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:533
+#: sssd.conf.5.xml:622
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:537
+#: sssd.conf.5.xml:626
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:540
+#: sssd.conf.5.xml:629
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:543 sssd.conf.5.xml:591 sssd.conf.5.xml:645
+#: sssd.conf.5.xml:632 sssd.conf.5.xml:680 sssd.conf.5.xml:734
msgid "Default: FALSE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:546
+#: sssd.conf.5.xml:635
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -875,14 +1020,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:556
+#: sssd.conf.5.xml:645
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:561
+#: sssd.conf.5.xml:650
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -891,39 +1036,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:572
+#: sssd.conf.5.xml:661
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:575
+#: sssd.conf.5.xml:664
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:579
+#: sssd.conf.5.xml:668
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:584
+#: sssd.conf.5.xml:673
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:587
+#: sssd.conf.5.xml:676
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:596
+#: sssd.conf.5.xml:685
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:599
+#: sssd.conf.5.xml:688
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -932,47 +1077,47 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:606
+#: sssd.conf.5.xml:695
msgid "Default: 0 (unlimited)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:612
+#: sssd.conf.5.xml:701
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:615
+#: sssd.conf.5.xml:704
msgid "The Data Provider identity backend to use for this domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:619
+#: sssd.conf.5.xml:708
msgid "Supported backends:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:622
+#: sssd.conf.5.xml:711
msgid "proxy: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:625
+#: sssd.conf.5.xml:714
msgid "local: SSSD internal local provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:628
+#: sssd.conf.5.xml:717
msgid "ldap: LDAP provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:634
+#: sssd.conf.5.xml:723
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:637
+#: sssd.conf.5.xml:726
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -981,19 +1126,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:650
+#: sssd.conf.5.xml:739
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:653
+#: sssd.conf.5.xml:742
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:657
+#: sssd.conf.5.xml:746
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1001,7 +1146,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:664
+#: sssd.conf.5.xml:753
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1009,30 +1154,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:671
+#: sssd.conf.5.xml:760
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:763
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:677
+#: sssd.conf.5.xml:766
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:683
+#: sssd.conf.5.xml:772
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:686
+#: sssd.conf.5.xml:775
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1040,17 +1185,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:692
+#: sssd.conf.5.xml:781
msgid "<quote>permit</quote> always allow access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:695
+#: sssd.conf.5.xml:784
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:698
+#: sssd.conf.5.xml:787
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1059,24 +1204,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:705
+#: sssd.conf.5.xml:794
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:710
+#: sssd.conf.5.xml:799
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:713
+#: sssd.conf.5.xml:802
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:718
+#: sssd.conf.5.xml:807
msgid ""
"<quote>ipa</quote> to change a password stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1084,7 +1229,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:726
+#: sssd.conf.5.xml:815
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1092,7 +1237,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:734
+#: sssd.conf.5.xml:823
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1100,72 +1245,72 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:742
+#: sssd.conf.5.xml:831
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:746
+#: sssd.conf.5.xml:835
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:749
+#: sssd.conf.5.xml:838
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:756
+#: sssd.conf.5.xml:845
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:759
+#: sssd.conf.5.xml:848
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:763
+#: sssd.conf.5.xml:852
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:766
+#: sssd.conf.5.xml:855
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:769
+#: sssd.conf.5.xml:858
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:772
+#: sssd.conf.5.xml:861
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:775
+#: sssd.conf.5.xml:864
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:778
+#: sssd.conf.5.xml:867
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:784
+#: sssd.conf.5.xml:873
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:787
+#: sssd.conf.5.xml:876
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -1173,24 +1318,36 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:799
+#: sssd.conf.5.xml:888
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:802
+#: sssd.conf.5.xml:891
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:806
+#: sssd.conf.5.xml:895
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:901
+#, fuzzy
+#| msgid "reconnection_retries (integer)"
+msgid "override_gid (integer)"
+msgstr "reconnection_retries (entero)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:904
+msgid "Override the primary GID value with the one specified."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:490
+#: sssd.conf.5.xml:579
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -1198,29 +1355,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:818
+#: sssd.conf.5.xml:916
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:821
+#: sssd.conf.5.xml:919
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:824
+#: sssd.conf.5.xml:922
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:832
+#: sssd.conf.5.xml:930
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:835
+#: sssd.conf.5.xml:933
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -1228,19 +1385,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:814
+#: sssd.conf.5.xml:912
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:847
+#: sssd.conf.5.xml:945
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:849
+#: sssd.conf.5.xml:947
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -1248,73 +1405,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:856
+#: sssd.conf.5.xml:954
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:859
+#: sssd.conf.5.xml:957
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:863
+#: sssd.conf.5.xml:961
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:868
+#: sssd.conf.5.xml:966
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:871
+#: sssd.conf.5.xml:969
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876
+#: sssd.conf.5.xml:974
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:881
+#: sssd.conf.5.xml:979
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:884
+#: sssd.conf.5.xml:982
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:888 sssd.conf.5.xml:900
+#: sssd.conf.5.xml:986 sssd.conf.5.xml:998
msgid "Default: TRUE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:893
+#: sssd.conf.5.xml:991
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:896
+#: sssd.conf.5.xml:994
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:905
+#: sssd.conf.5.xml:1003
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:908
+#: sssd.conf.5.xml:1006
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -1322,17 +1479,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:1014
msgid "Default: 077"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:921
+#: sssd.conf.5.xml:1019
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:1022
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -1341,17 +1498,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:934
+#: sssd.conf.5.xml:1032
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:939
+#: sssd.conf.5.xml:1037
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:942
+#: sssd.conf.5.xml:1040
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -1359,17 +1516,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:949
+#: sssd.conf.5.xml:1047
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:954
+#: sssd.conf.5.xml:1052
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:957
+#: sssd.conf.5.xml:1055
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -1377,18 +1534,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:1061
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:973 sssd-ldap.5.xml:1432 sssd-simple.5.xml:126
-#: sssd-ipa.5.xml:188 sssd-krb5.5.xml:414
+#: sssd.conf.5.xml:1071 sssd-ldap.5.xml:1520 sssd-simple.5.xml:126
+#: sssd-ipa.5.xml:230 sssd-krb5.5.xml:414
msgid "EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:979
+#: sssd.conf.5.xml:1077
#, no-wrap
msgid ""
"[sssd]\n"
@@ -1418,7 +1575,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:975
+#: sssd.conf.5.xml:1073
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -1427,7 +1584,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1010
+#: sssd.conf.5.xml:1108
msgid ""
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</"
"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</"
@@ -1491,21 +1648,42 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:63
msgid ""
-"Specifies the list of URIs of the LDAP servers to which SSSD should connect "
-"in the order of preference. Refer to the <quote>FAILOVER</quote> section for "
-"more information on failover and server redundancy. If not specified, "
-"service discovery is enabled. For more information, refer to the "
-"<quote>SERVICE DISCOVERY</quote> section."
+"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD "
+"should connect in the order of preference. Refer to the <quote>FAILOVER</"
+"quote> section for more information on failover and server redundancy. If "
+"not specified, service discovery is enabled. For more information, refer to "
+"the <quote>SERVICE DISCOVERY</quote> section."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:70
+msgid "The format of the URI must match the format defined in RFC 2732:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:73
-msgid "ldap_chpass_uri (string)"
+msgid "ldap[s]://&lt;host&gt;[:port]"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:76
msgid ""
+"For explicit IPv6 addresses, &lt;host&gt; must be enclosed in brackets []"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:79
+msgid "example: ldap://[fc00::126:25]:389"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:85
+msgid "ldap_chpass_uri (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:88
+msgid ""
"Specifies the list of URIs of the LDAP servers to which SSSD should connect "
"in the order of preference to change the password of a user. Refer to the "
"<quote>FAILOVER</quote> section for more information on failover and server "
@@ -1513,27 +1691,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:83
+#: sssd-ldap.5.xml:95
msgid "To enable service discovery ldap_chpass_dns_service_name must be set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:87
+#: sssd-ldap.5.xml:99
msgid "Default: empty, i.e. ldap_uri is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:93
+#: sssd-ldap.5.xml:105
msgid "ldap_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:96
+#: sssd-ldap.5.xml:108
msgid "The default base DN to use for performing LDAP user operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:100
+#: sssd-ldap.5.xml:112
msgid ""
"Default: If not set the value of the defaultNamingContext or namingContexts "
"attribute from the RootDSE of the LDAP server is used. If "
@@ -1544,12 +1722,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:114
+#: sssd-ldap.5.xml:126
msgid "ldap_schema (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:117
+#: sssd-ldap.5.xml:129
msgid ""
"Specifies the Schema Type in use on the target LDAP server. Depending on "
"the selected schema, the default attribute names retrieved from the servers "
@@ -1563,201 +1741,208 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:136
+#: sssd-ldap.5.xml:148
msgid "Default: rfc2307"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:142
+#: sssd-ldap.5.xml:154
msgid "ldap_default_bind_dn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:145
+#: sssd-ldap.5.xml:157
msgid "The default bind DN to use for performing LDAP operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:152
+#: sssd-ldap.5.xml:164
msgid "ldap_default_authtok_type (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:155
+#: sssd-ldap.5.xml:167
msgid "The type of the authentication token of the default bind DN."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:159
+#: sssd-ldap.5.xml:171
msgid "The two mechanisms currently supported are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:162
+#: sssd-ldap.5.xml:174
msgid "password"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:165
+#: sssd-ldap.5.xml:177
msgid "obfuscated_password"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:180
+#, fuzzy
+#| msgid "Default: 3"
+msgid "Default: password"
+msgstr "Predeterminado: 3"
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:171
+#: sssd-ldap.5.xml:186
msgid "ldap_default_authtok (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:174
+#: sssd-ldap.5.xml:189
msgid ""
"The authentication token of the default bind DN. Only clear text passwords "
"are currently supported."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:181
+#: sssd-ldap.5.xml:196
msgid "ldap_user_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:184
+#: sssd-ldap.5.xml:199
msgid "The object class of a user entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:187
+#: sssd-ldap.5.xml:202
msgid "Default: posixAccount"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:193
+#: sssd-ldap.5.xml:208
msgid "ldap_user_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:196
+#: sssd-ldap.5.xml:211
msgid "The LDAP attribute that corresponds to the user's login name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:200
+#: sssd-ldap.5.xml:215
msgid "Default: uid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:206
+#: sssd-ldap.5.xml:221
msgid "ldap_user_uid_number (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:209
+#: sssd-ldap.5.xml:224
msgid "The LDAP attribute that corresponds to the user's id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:213
+#: sssd-ldap.5.xml:228
msgid "Default: uidNumber"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:219
+#: sssd-ldap.5.xml:234
msgid "ldap_user_gid_number (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:222
+#: sssd-ldap.5.xml:237
msgid "The LDAP attribute that corresponds to the user's primary group id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:226 sssd-ldap.5.xml:642
+#: sssd-ldap.5.xml:241 sssd-ldap.5.xml:698
msgid "Default: gidNumber"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:232
+#: sssd-ldap.5.xml:247
msgid "ldap_user_gecos (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:235
+#: sssd-ldap.5.xml:250
msgid "The LDAP attribute that corresponds to the user's gecos field."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:239
+#: sssd-ldap.5.xml:254
msgid "Default: gecos"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:245
+#: sssd-ldap.5.xml:260
msgid "ldap_user_home_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:248
+#: sssd-ldap.5.xml:263
msgid "The LDAP attribute that contains the name of the user's home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:252
+#: sssd-ldap.5.xml:267
msgid "Default: homeDirectory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:258
+#: sssd-ldap.5.xml:273
msgid "ldap_user_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:261
+#: sssd-ldap.5.xml:276
msgid "The LDAP attribute that contains the path to the user's default shell."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:265
+#: sssd-ldap.5.xml:280
msgid "Default: loginShell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:271
+#: sssd-ldap.5.xml:286
msgid "ldap_user_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:274
+#: sssd-ldap.5.xml:289
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:278 sssd-ldap.5.xml:668 sssd-ldap.5.xml:761
+#: sssd-ldap.5.xml:293 sssd-ldap.5.xml:724 sssd-ldap.5.xml:817
msgid "Default: nsUniqueId"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:284
+#: sssd-ldap.5.xml:299
msgid "ldap_user_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:287 sssd-ldap.5.xml:677 sssd-ldap.5.xml:770
+#: sssd-ldap.5.xml:302 sssd-ldap.5.xml:733 sssd-ldap.5.xml:826
msgid ""
"The LDAP attribute that contains timestamp of the last modification of the "
"parent object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:291 sssd-ldap.5.xml:681 sssd-ldap.5.xml:774
+#: sssd-ldap.5.xml:306 sssd-ldap.5.xml:737 sssd-ldap.5.xml:830
msgid "Default: modifyTimestamp"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:297
+#: sssd-ldap.5.xml:312
msgid "ldap_user_shadow_last_change (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:300
+#: sssd-ldap.5.xml:315
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -1766,17 +1951,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:310
+#: sssd-ldap.5.xml:325
msgid "Default: shadowLastChange"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:316
+#: sssd-ldap.5.xml:331
msgid "ldap_user_shadow_min (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:319
+#: sssd-ldap.5.xml:334
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -1785,17 +1970,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:328
+#: sssd-ldap.5.xml:343
msgid "Default: shadowMin"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:334
+#: sssd-ldap.5.xml:349
msgid "ldap_user_shadow_max (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:337
+#: sssd-ldap.5.xml:352
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -1804,17 +1989,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:346
+#: sssd-ldap.5.xml:361
msgid "Default: shadowMax"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:352
+#: sssd-ldap.5.xml:367
msgid "ldap_user_shadow_warning (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:355
+#: sssd-ldap.5.xml:370
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -1823,17 +2008,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:365
+#: sssd-ldap.5.xml:380
msgid "Default: shadowWarning"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:371
+#: sssd-ldap.5.xml:386
msgid "ldap_user_shadow_inactive (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:374
+#: sssd-ldap.5.xml:389
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -1842,17 +2027,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:384
+#: sssd-ldap.5.xml:399
msgid "Default: shadowInactive"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:390
+#: sssd-ldap.5.xml:405
msgid "ldap_user_shadow_expire (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:393
+#: sssd-ldap.5.xml:408
msgid ""
"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this "
"parameter contains the name of an LDAP attribute corresponding to its "
@@ -1861,17 +2046,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:403
+#: sssd-ldap.5.xml:418
msgid "Default: shadowExpire"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:409
+#: sssd-ldap.5.xml:424
msgid "ldap_user_krb_last_pwd_change (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:412
+#: sssd-ldap.5.xml:427
msgid ""
"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of "
"an LDAP attribute storing the date and time of last password change in "
@@ -1879,102 +2064,150 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:418
+#: sssd-ldap.5.xml:433
msgid "Default: krbLastPwdChange"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:424
+#: sssd-ldap.5.xml:439
msgid "ldap_user_krb_password_expiration (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:427
+#: sssd-ldap.5.xml:442
msgid ""
"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of "
"an LDAP attribute storing the date and time when current password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:433
+#: sssd-ldap.5.xml:448
msgid "Default: krbPasswordExpiration"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:439
+#: sssd-ldap.5.xml:454
msgid "ldap_user_ad_account_expires (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:442
+#: sssd-ldap.5.xml:457
msgid ""
"When using ldap_account_expire_policy=ad, this parameter contains the name "
"of an LDAP attribute storing the expiration time of the account."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:447
+#: sssd-ldap.5.xml:462
msgid "Default: accountExpires"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:453
+#: sssd-ldap.5.xml:468
msgid "ldap_user_ad_user_account_control (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:456
+#: sssd-ldap.5.xml:471
msgid ""
"When using ldap_account_expire_policy=ad, this parameter contains the name "
"of an LDAP attribute storing the user account control bit field."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:461
+#: sssd-ldap.5.xml:476
msgid "Default: userAccountControl"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:467
+#: sssd-ldap.5.xml:482
msgid "ldap_ns_account_lock (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:470
+#: sssd-ldap.5.xml:485
msgid ""
"When using ldap_account_expire_policy=rhds or equivalent, this parameter "
"determines if access is allowed or not."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:475
+#: sssd-ldap.5.xml:490
msgid "Default: nsAccountLock"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:481
+#: sssd-ldap.5.xml:496
+msgid "ldap_user_nds_login_disabled (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:499
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines if "
+"access is allowed or not."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:503 sssd-ldap.5.xml:517
+#, fuzzy
+#| msgid "Default: 3"
+msgid "Default: loginDisabled"
+msgstr "Predeterminado: 3"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:509
+msgid "ldap_user_nds_login_expiration_time (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:512
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines until "
+"which date access is granted."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:523
+msgid "ldap_user_nds_login_allowed_time_map (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:526
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines the "
+"hours of a day in a week when access is granted."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:531
+msgid "Default: loginAllowedTimeMap"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:537
msgid "ldap_user_principal (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:484
+#: sssd-ldap.5.xml:540
msgid ""
"The LDAP attribute that contains the user's Kerberos User Principal Name "
"(UPN)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:488
+#: sssd-ldap.5.xml:544
msgid "Default: krbPrincipalName"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:494
+#: sssd-ldap.5.xml:550
msgid "ldap_force_upper_case_realm (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:497
+#: sssd-ldap.5.xml:553
msgid ""
"Some directory servers, for example Active Directory, might deliver the "
"realm part of the UPN in lower case, which might cause the authentication to "
@@ -1983,35 +2216,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:504 sssd-ldap.5.xml:995 sssd-ipa.5.xml:115 sssd.8.xml:64
+#: sssd-ldap.5.xml:560 sssd-ldap.5.xml:1074 sssd-ipa.5.xml:115 sssd.8.xml:64
#: sssd-krb5.5.xml:235 sssd-krb5.5.xml:266
msgid "Default: false"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:510
+#: sssd-ldap.5.xml:566
msgid "ldap_enumeration_refresh_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:513
+#: sssd-ldap.5.xml:569
msgid ""
"The LDAP attribute that contains how many seconds SSSD has to wait before "
"refreshing its cache of enumerated records."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:518
+#: sssd-ldap.5.xml:574
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:524
+#: sssd-ldap.5.xml:580
msgid "ldap_purge_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:527
+#: sssd-ldap.5.xml:583
msgid ""
"Determine how often to check the cache for inactive entries (such as groups "
"with no members and users who have never logged in) and remove them to save "
@@ -2019,52 +2252,52 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:533
+#: sssd-ldap.5.xml:589
msgid "Setting this option to zero will disable the cache cleanup operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:537
+#: sssd-ldap.5.xml:593
msgid "Default: 10800 (12 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:543
+#: sssd-ldap.5.xml:599
msgid "ldap_user_fullname (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:546
+#: sssd-ldap.5.xml:602
msgid "The LDAP attribute that corresponds to the user's full name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:550 sssd-ldap.5.xml:629 sssd-ldap.5.xml:722
+#: sssd-ldap.5.xml:606 sssd-ldap.5.xml:685 sssd-ldap.5.xml:778
msgid "Default: cn"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:556
+#: sssd-ldap.5.xml:612
msgid "ldap_user_member_of (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:559
+#: sssd-ldap.5.xml:615
msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:563
+#: sssd-ldap.5.xml:619
msgid "Default: memberOf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:569
+#: sssd-ldap.5.xml:625
msgid "ldap_user_authorized_service (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:572
+#: sssd-ldap.5.xml:628
msgid ""
"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will "
"use the presence of the authorizedService attribute in the user's LDAP entry "
@@ -2072,24 +2305,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:579
+#: sssd-ldap.5.xml:635
msgid ""
"An explicit deny (!svc) is resolved first. Second, SSSD searches for "
"explicit allow (svc) and finally for allow_all (*)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:584
+#: sssd-ldap.5.xml:640
msgid "Default: authorizedService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:590
+#: sssd-ldap.5.xml:646
msgid "ldap_user_authorized_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:593
+#: sssd-ldap.5.xml:649
msgid ""
"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
"presence of the host attribute in the user's LDAP entry to determine access "
@@ -2097,91 +2330,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:599
+#: sssd-ldap.5.xml:655
msgid ""
"An explicit deny (!host) is resolved first. Second, SSSD searches for "
"explicit allow (host) and finally for allow_all (*)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:604
+#: sssd-ldap.5.xml:660
#, fuzzy
#| msgid "Default: 3"
msgid "Default: host"
msgstr "Predeterminado: 3"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:610
+#: sssd-ldap.5.xml:666
msgid "ldap_group_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:613
+#: sssd-ldap.5.xml:669
msgid "The object class of a group entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:616
+#: sssd-ldap.5.xml:672
msgid "Default: posixGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:622
+#: sssd-ldap.5.xml:678
msgid "ldap_group_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:625
+#: sssd-ldap.5.xml:681
msgid "The LDAP attribute that corresponds to the group name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:635
+#: sssd-ldap.5.xml:691
msgid "ldap_group_gid_number (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:638
+#: sssd-ldap.5.xml:694
msgid "The LDAP attribute that corresponds to the group's id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:648
+#: sssd-ldap.5.xml:704
msgid "ldap_group_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:651
+#: sssd-ldap.5.xml:707
msgid "The LDAP attribute that contains the names of the group's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:655
+#: sssd-ldap.5.xml:711
msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:661
+#: sssd-ldap.5.xml:717
msgid "ldap_group_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:664
+#: sssd-ldap.5.xml:720
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:674
+#: sssd-ldap.5.xml:730
msgid "ldap_group_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:687
+#: sssd-ldap.5.xml:743
msgid "ldap_group_nesting_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:690
+#: sssd-ldap.5.xml:746
msgid ""
"If ldap_schema is set to a schema format that supports nested groups (e.g. "
"RFC2307bis), then this option controls how many levels of nesting SSSD will "
@@ -2189,89 +2422,89 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:697
+#: sssd-ldap.5.xml:753
msgid "Default: 2"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:703
+#: sssd-ldap.5.xml:759
msgid "ldap_netgroup_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:706
+#: sssd-ldap.5.xml:762
msgid "The object class of a netgroup entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:709
+#: sssd-ldap.5.xml:765
msgid "Default: nisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:715
+#: sssd-ldap.5.xml:771
msgid "ldap_netgroup_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:718
+#: sssd-ldap.5.xml:774
msgid "The LDAP attribute that corresponds to the netgroup name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:728
+#: sssd-ldap.5.xml:784
msgid "ldap_netgroup_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:731
+#: sssd-ldap.5.xml:787
msgid "The LDAP attribute that contains the names of the netgroup's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:735
+#: sssd-ldap.5.xml:791
msgid "Default: memberNisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:741
+#: sssd-ldap.5.xml:797
msgid "ldap_netgroup_triple (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:744
+#: sssd-ldap.5.xml:800
msgid ""
"The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:748
+#: sssd-ldap.5.xml:804
msgid "Default: nisNetgroupTriple"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:754
+#: sssd-ldap.5.xml:810
msgid "ldap_netgroup_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:757
+#: sssd-ldap.5.xml:813
msgid ""
"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:767
+#: sssd-ldap.5.xml:823
msgid "ldap_netgroup_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:780
+#: sssd-ldap.5.xml:836
msgid "ldap_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:783
+#: sssd-ldap.5.xml:839
msgid ""
"Specifies the timeout (in seconds) that ldap searches are allowed to run "
"before they are cancelled and cached results are returned (and offline mode "
@@ -2279,7 +2512,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:789
+#: sssd-ldap.5.xml:845
msgid ""
"Note: this option is subject to change in future versions of the SSSD. It "
"will likely be replaced at some point by a series of timeouts for specific "
@@ -2287,17 +2520,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:795 sssd-ldap.5.xml:837 sssd-ldap.5.xml:852
+#: sssd-ldap.5.xml:851 sssd-ldap.5.xml:893 sssd-ldap.5.xml:908
msgid "Default: 6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:801
+#: sssd-ldap.5.xml:857
msgid "ldap_enumeration_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:804
+#: sssd-ldap.5.xml:860
msgid ""
"Specifies the timeout (in seconds) that ldap searches for user and group "
"enumerations are allowed to run before they are cancelled and cached results "
@@ -2305,17 +2538,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:811
+#: sssd-ldap.5.xml:867
msgid "Default: 60"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:817
+#: sssd-ldap.5.xml:873
msgid "ldap_network_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:820
+#: sssd-ldap.5.xml:876
msgid ""
"Specifies the timeout (in seconds) after which the <citerefentry> "
"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
@@ -2326,12 +2559,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:843
+#: sssd-ldap.5.xml:899
msgid "ldap_opt_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:846
+#: sssd-ldap.5.xml:902
msgid ""
"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
"will abort if no response is received. Also controls the timeout when "
@@ -2339,45 +2572,67 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:858
+#: sssd-ldap.5.xml:914
msgid "ldap_page_size (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:861
+#: sssd-ldap.5.xml:917
msgid ""
"Specify the number of records to retrieve from LDAP in a single request. "
"Some LDAP servers enforce a maximum limit per-request."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:866
+#: sssd-ldap.5.xml:922
#, fuzzy
#| msgid "Default: 3"
msgid "Default: 1000"
msgstr "Predeterminado: 3"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:872
+#: sssd-ldap.5.xml:928
+msgid "ldap_deref_threshold (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:931
+msgid ""
+"Specify the number of group members that must be missing from the internal "
+"cache in order to trigger a dereference lookup. If less members are missing, "
+"they are looked up individually."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:937
+msgid ""
+"A dereference lookup is a means of fetching all group members in a single "
+"LDAP call. Different LDAP servers may implement different dereference "
+"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active "
+"Directory."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:951
msgid "ldap_tls_reqcert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:875
+#: sssd-ldap.5.xml:954
msgid ""
"Specifies what checks to perform on server certificates in a TLS session, if "
"any. It can be specified as one of the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:881
+#: sssd-ldap.5.xml:960
msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:885
+#: sssd-ldap.5.xml:964
msgid ""
"<emphasis>allow</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -2385,7 +2640,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:892
+#: sssd-ldap.5.xml:971
msgid ""
"<emphasis>try</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -2393,7 +2648,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:898
+#: sssd-ldap.5.xml:977
msgid ""
"<emphasis>demand</emphasis> = The server certificate is requested. If no "
"certificate is provided, or a bad certificate is provided, the session is "
@@ -2401,41 +2656,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:904
+#: sssd-ldap.5.xml:983
msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:908
+#: sssd-ldap.5.xml:987
msgid "Default: hard"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:914
+#: sssd-ldap.5.xml:993
msgid "ldap_tls_cacert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:917
+#: sssd-ldap.5.xml:996
msgid ""
"Specifies the file that contains certificates for all of the Certificate "
"Authorities that <command>sssd</command> will recognize."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:922 sssd-ldap.5.xml:940 sssd-ldap.5.xml:981
+#: sssd-ldap.5.xml:1001 sssd-ldap.5.xml:1019 sssd-ldap.5.xml:1060
msgid ""
"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
"conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:929
+#: sssd-ldap.5.xml:1008
msgid "ldap_tls_cacertdir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:932
+#: sssd-ldap.5.xml:1011
msgid ""
"Specifies the path of a directory that contains Certificate Authority "
"certificates in separate individual files. Typically the file names need to "
@@ -2444,38 +2699,38 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:947
+#: sssd-ldap.5.xml:1026
msgid "ldap_tls_cert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:950
+#: sssd-ldap.5.xml:1029
msgid "Specifies the file that contains the certificate for the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:954 sssd-ldap.5.xml:966 sssd-ldap.5.xml:1395
-#: sssd-ldap.5.xml:1418 sssd-krb5.5.xml:356
+#: sssd-ldap.5.xml:1033 sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1483
+#: sssd-ldap.5.xml:1506 sssd-krb5.5.xml:356
msgid "Default: not set"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:960
+#: sssd-ldap.5.xml:1039
msgid "ldap_tls_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:963
+#: sssd-ldap.5.xml:1042
msgid "Specifies the file that contains the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:972
+#: sssd-ldap.5.xml:1051
msgid "ldap_tls_cipher_suite (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:975
+#: sssd-ldap.5.xml:1054
msgid ""
"Specifies acceptable cipher suites. Typically this is a colon sperated "
"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
@@ -2483,73 +2738,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:988
+#: sssd-ldap.5.xml:1067
msgid "ldap_id_use_start_tls (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:991
+#: sssd-ldap.5.xml:1070
msgid ""
"Specifies that the id_provider connection must also use <systemitem class="
"\"protocol\">tls</systemitem> to protect the channel."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1001
+#: sssd-ldap.5.xml:1080
msgid "ldap_sasl_mech (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1004
+#: sssd-ldap.5.xml:1083
msgid ""
"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
"supported."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1136
+#: sssd-ldap.5.xml:1087 sssd-ldap.5.xml:1215
msgid "Default: none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1014
+#: sssd-ldap.5.xml:1093
msgid "ldap_sasl_authid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1017
+#: sssd-ldap.5.xml:1096
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
"represents the Kerberos principal used for authentication to the directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1022
+#: sssd-ldap.5.xml:1101
msgid "Default: host/machine.fqdn@REALM"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1028
+#: sssd-ldap.5.xml:1107
msgid "ldap_krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1031
+#: sssd-ldap.5.xml:1110
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1034
+#: sssd-ldap.5.xml:1113
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1040
+#: sssd-ldap.5.xml:1119
msgid "ldap_krb5_init_creds (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1043
+#: sssd-ldap.5.xml:1122
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -2557,27 +2812,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1055
+#: sssd-ldap.5.xml:1134
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1058
+#: sssd-ldap.5.xml:1137
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1062
+#: sssd-ldap.5.xml:1141
msgid "Default: 86400 (24 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1068 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1147 sssd-krb5.5.xml:74
msgid "krb5_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1071 sssd-krb5.5.xml:77
+#: sssd-ldap.5.xml:1150 sssd-krb5.5.xml:77
msgid ""
"Specifies the list of IP addresses or hostnames of the Kerberos servers to "
"which SSSD should connect in the order of preference. For more information "
@@ -2588,7 +2843,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1083 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1162 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -2596,7 +2851,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1088 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1167 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -2604,41 +2859,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1097 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1176 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1100
+#: sssd-ldap.5.xml:1179
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1103
+#: sssd-ldap.5.xml:1182
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1109
+#: sssd-ldap.5.xml:1188
msgid "ldap_pwd_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1112
+#: sssd-ldap.5.xml:1191
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1117
+#: sssd-ldap.5.xml:1196
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1122
+#: sssd-ldap.5.xml:1201
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -2647,7 +2902,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1130
+#: sssd-ldap.5.xml:1209
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -2655,61 +2910,61 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1142
+#: sssd-ldap.5.xml:1221
msgid "ldap_referrals (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1145
+#: sssd-ldap.5.xml:1224
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1149
+#: sssd-ldap.5.xml:1228
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1160
+#: sssd-ldap.5.xml:1239
msgid "ldap_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1163
+#: sssd-ldap.5.xml:1242
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1167
+#: sssd-ldap.5.xml:1246
msgid "Default: ldap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1173
+#: sssd-ldap.5.xml:1252
msgid "ldap_chpass_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1176
+#: sssd-ldap.5.xml:1255
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1181
+#: sssd-ldap.5.xml:1260
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1187
+#: sssd-ldap.5.xml:1266
msgid "ldap_access_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1190
+#: sssd-ldap.5.xml:1269
msgid ""
"If using access_provider = ldap, this option is mandatory. It specifies an "
"LDAP search filter criteria that must be met for the user to be granted "
@@ -2719,12 +2974,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1200 sssd-ldap.5.xml:1398
+#: sssd-ldap.5.xml:1279 sssd-ldap.5.xml:1486
msgid "Example:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1203
+#: sssd-ldap.5.xml:1282
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -2733,14 +2988,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1207
+#: sssd-ldap.5.xml:1286
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1212
+#: sssd-ldap.5.xml:1291
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -2749,24 +3004,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1220 sssd-ldap.5.xml:1261
+#: sssd-ldap.5.xml:1299 sssd-ldap.5.xml:1349
msgid "Default: Empty"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1226
+#: sssd-ldap.5.xml:1305
msgid "ldap_account_expire_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1229
+#: sssd-ldap.5.xml:1308
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1233
+#: sssd-ldap.5.xml:1312
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -2774,19 +3029,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1240
+#: sssd-ldap.5.xml:1319
msgid "The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1243
+#: sssd-ldap.5.xml:1322
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1248
+#: sssd-ldap.5.xml:1327
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -2795,97 +3050,106 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1255
+#: sssd-ldap.5.xml:1334
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
"allowed or not."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1340
+msgid ""
+"<emphasis>nds</emphasis>: the values of "
+"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
+"ldap_user_nds_login_expiration_time are used to check if access is allowed. "
+"If both attributes are missing access is granted."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1267
+#: sssd-ldap.5.xml:1355
msgid "ldap_access_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1270
+#: sssd-ldap.5.xml:1358
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1274
+#: sssd-ldap.5.xml:1362
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1277
+#: sssd-ldap.5.xml:1365
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1281
+#: sssd-ldap.5.xml:1369
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1286
+#: sssd-ldap.5.xml:1374
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1290
+#: sssd-ldap.5.xml:1378
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1293
+#: sssd-ldap.5.xml:1381
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1300
+#: sssd-ldap.5.xml:1388
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1303
+#: sssd-ldap.5.xml:1391
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1308
+#: sssd-ldap.5.xml:1396
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1312
+#: sssd-ldap.5.xml:1400
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1317
+#: sssd-ldap.5.xml:1405
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1322
+#: sssd-ldap.5.xml:1410
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1327
+#: sssd-ldap.5.xml:1415
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
@@ -2902,60 +3166,60 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1339
+#: sssd-ldap.5.xml:1427
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1346
+#: sssd-ldap.5.xml:1434
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1349
+#: sssd-ldap.5.xml:1437
msgid ""
"An optional base DN to restrict netgroup searches to a specific subtree."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1353 sssd-ldap.5.xml:1367 sssd-ldap.5.xml:1381
+#: sssd-ldap.5.xml:1441 sssd-ldap.5.xml:1455 sssd-ldap.5.xml:1469
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1360
+#: sssd-ldap.5.xml:1448
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1363
+#: sssd-ldap.5.xml:1451
msgid "An optional base DN to restrict user searches to a specific subtree."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1374
+#: sssd-ldap.5.xml:1462
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1377
+#: sssd-ldap.5.xml:1465
msgid "An optional base DN to restrict group searches to a specific subtree."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1388
+#: sssd-ldap.5.xml:1476
msgid "ldap_user_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1391
+#: sssd-ldap.5.xml:1479
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1401
+#: sssd-ldap.5.xml:1489
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -2963,26 +3227,26 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1404
+#: sssd-ldap.5.xml:1492
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1411
+#: sssd-ldap.5.xml:1499
msgid "ldap_group_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1414
+#: sssd-ldap.5.xml:1502
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1341
+#: sssd-ldap.5.xml:1429
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -2990,7 +3254,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1434
+#: sssd-ldap.5.xml:1522
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -2998,7 +3262,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:1440
+#: sssd-ldap.5.xml:1528
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -3012,18 +3276,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1439 sssd-simple.5.xml:134 sssd-ipa.5.xml:196
+#: sssd-ldap.5.xml:1527 sssd-simple.5.xml:134 sssd-ipa.5.xml:238
#: sssd-krb5.5.xml:423
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1453 sssd_krb5_locator_plugin.8.xml:61
+#: sssd-ldap.5.xml:1541 sssd_krb5_locator_plugin.8.xml:61
msgid "NOTES"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1543
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -3032,7 +3296,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1466
+#: sssd-ldap.5.xml:1554
msgid ""
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</"
"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</"
@@ -3534,8 +3798,65 @@ msgid ""
"converted into the base DN to use for performing LDAP operations."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:179
+#, fuzzy
+#| msgid "reconnection_retries (integer)"
+msgid "ipa_hbac_refresh (integer)"
+msgstr "reconnection_retries (entero)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:182
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server. "
+"This will reduce the latency and load on the IPA server if there are many "
+"access-control requests made in a short period."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:189
+#, fuzzy
+#| msgid "Default: 3"
+msgid "Default: 5 (seconds)"
+msgstr "Predeterminado: 3"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:194
+msgid "ipa_hbac_treat_deny_as (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:197
+msgid ""
+"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
+"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
+"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The "
+"client will support two modes of operation during this transition period:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:206
+msgid ""
+"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
+"users will be denied access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:211
+msgid ""
+"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
+"careful with this option, as it may result in opening unintended access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:216
+#, fuzzy
+#| msgid "Default: 3"
+msgid "Default: DENY_ALL"
+msgstr "Predeterminado: 3"
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:190
+#: sssd-ipa.5.xml:232
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -3543,7 +3864,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:197
+#: sssd-ipa.5.xml:239
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -3553,7 +3874,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:208
+#: sssd-ipa.5.xml:250
msgid ""
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</"
"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</"
@@ -4098,21 +4419,6 @@ msgstr ""
msgid "krb5_ccname_template (string)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:166
-msgid "%u"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:167
-msgid "login name"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:170
-msgid "%U"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:171
msgid "login UID"
@@ -4148,11 +4454,6 @@ msgstr ""
msgid "home directory"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:188
-msgid "%d"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:189
msgid "value of krb5ccache_dir"
@@ -4168,16 +4469,6 @@ msgstr ""
msgid "the process ID of the sssd client"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:200
-msgid "%%"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:201
-msgid "a literal '%'"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:160
msgid ""
diff --git a/src/man/po/nl.po b/src/man/po/nl.po
index bef6833f0..accbe37a2 100644
--- a/src/man/po/nl.po
+++ b/src/man/po/nl.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-04-27 11:41-0300\n"
+"POT-Creation-Date: 2011-08-02 15:55-0300\n"
"PO-Revision-Date: 2011-03-08 15:06+0000\n"
"Last-Translator: sgallagh <sgallagh@redhat.com>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -119,9 +119,9 @@ msgstr ""
"replaceable> parameter."
#. type: Content of: <reference><refentry><refsect1><title>
-#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1008 sssd-ldap.5.xml:1464
+#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1106 sssd-ldap.5.xml:1552
#: pam_sss.8.xml:128 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143
-#: sssd-ipa.5.xml:206 sssd.8.xml:166 sss_obfuscate.8.xml:103
+#: sssd-ipa.5.xml:248 sssd.8.xml:166 sss_obfuscate.8.xml:103
#: sss_useradd.8.xml:167 sssd-krb5.5.xml:433 sss_groupadd.8.xml:58
#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58
#: sss_usermod.8.xml:138
@@ -254,7 +254,7 @@ msgid "The [sssd] section"
msgstr "De [sssd] sectie"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:70 sssd.conf.5.xml:854
+#: sssd.conf.5.xml:70 sssd.conf.5.xml:952
msgid "Section parameters"
msgstr "Sectie parameters"
@@ -500,8 +500,8 @@ msgid "Add a timestamp to the debug messages"
msgstr "Voeg een tijdstempel toe aan de debugberichten"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1049
-#: sssd-ldap.5.xml:1154 sssd-ipa.5.xml:155
+#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1128
+#: sssd-ldap.5.xml:1233 sssd-ipa.5.xml:155
msgid "Default: true"
msgstr "Standaard: true"
@@ -636,61 +636,206 @@ msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:358
+msgid "override_homedir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:367 sssd-krb5.5.xml:166
+msgid "%u"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:368 sssd-krb5.5.xml:167
+msgid "login name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:371 sssd-krb5.5.xml:170
+msgid "%U"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:372
+msgid "UID number"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:375 sssd-krb5.5.xml:188
+msgid "%d"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:376
+#, fuzzy
+#| msgid "domains"
+msgid "domain name"
+msgstr "domeinen"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:379
+msgid "%f"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:380
+msgid "fully qualified user name (user@domain)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:383 sssd-krb5.5.xml:200
+msgid "%%"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:384 sssd-krb5.5.xml:201
+msgid "a literal '%'"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:361
+msgid ""
+"Override the user's home directory. You can either provide an absolute value "
+"or a template. In the template, the following sequences are substituted: "
+"<placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:390
+msgid "This option can also be set per-domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:395
+msgid "allowed_shells (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:398
+msgid ""
+"Restrict user shell to one of the listed values. The order of evaluation is:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:401
+msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:405
+msgid ""
+"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
+"quote>, use the value of the shell_fallback parameter."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:410
+msgid ""
+"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
+"shells</quote>, a nologin shell is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:415
+msgid "An empty string for shell is passed as-is to libc."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:418
+msgid ""
+"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
+"that a restart of the SSSD is required in case a new shell is installed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:422
+msgid "Default: Not set. The user shell is automatically used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:427
+msgid "vetoed_shells (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:430
+msgid "Replace any instance of these shells with the shell_fallback"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:435
+msgid "shell_fallback (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:438
+msgid ""
+"The default shell to use if an allowed shell is not installed on the machine."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:442
+#, fuzzy
+#| msgid "Default: 3"
+msgid "Default: /bin/sh"
+msgstr "Standaard: 3"
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:360
+#: sssd.conf.5.xml:449
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:362
+#: sssd.conf.5.xml:451
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:367
+#: sssd.conf.5.xml:456
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:370
+#: sssd.conf.5.xml:459
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:375 sssd.conf.5.xml:388
+#: sssd.conf.5.xml:464 sssd.conf.5.xml:477
msgid "Default: 0 (No limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:381
+#: sssd.conf.5.xml:470
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:384
+#: sssd.conf.5.xml:473
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:394
+#: sssd.conf.5.xml:483
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:397
+#: sssd.conf.5.xml:486
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:402
+#: sssd.conf.5.xml:491
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -698,59 +843,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:408 sssd.conf.5.xml:461 sssd.conf.5.xml:793
+#: sssd.conf.5.xml:497 sssd.conf.5.xml:550 sssd.conf.5.xml:882
msgid "Default: 5"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:414
+#: sssd.conf.5.xml:503
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:417
+#: sssd.conf.5.xml:506
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:422
+#: sssd.conf.5.xml:511
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:425
+#: sssd.conf.5.xml:514
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:428
+#: sssd.conf.5.xml:517
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:432
+#: sssd.conf.5.xml:521
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:435
+#: sssd.conf.5.xml:524
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:439
+#: sssd.conf.5.xml:528
msgid "Default: 1"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:444
+#: sssd.conf.5.xml:533
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:447
+#: sssd.conf.5.xml:536
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -758,7 +903,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:453
+#: sssd.conf.5.xml:542
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -767,17 +912,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:467
+#: sssd.conf.5.xml:556
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:470
+#: sssd.conf.5.xml:559
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:473
+#: sssd.conf.5.xml:562
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -785,29 +930,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:479
+#: sssd.conf.5.xml:568
msgid "Default: 7"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:488
+#: sssd.conf.5.xml:577
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:495
+#: sssd.conf.5.xml:584
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:498
+#: sssd.conf.5.xml:587
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:503
+#: sssd.conf.5.xml:592
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -816,56 +961,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:510
+#: sssd.conf.5.xml:599
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:516
+#: sssd.conf.5.xml:605
msgid "timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:519
+#: sssd.conf.5.xml:608
msgid ""
"Timeout in seconds between heartbeats for this domain. This is used to "
"ensure that the backend process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:524
+#: sssd.conf.5.xml:613 sssd-ldap.5.xml:945
msgid "Default: 10"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:619
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:533
+#: sssd.conf.5.xml:622
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:537
+#: sssd.conf.5.xml:626
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:540
+#: sssd.conf.5.xml:629
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:543 sssd.conf.5.xml:591 sssd.conf.5.xml:645
+#: sssd.conf.5.xml:632 sssd.conf.5.xml:680 sssd.conf.5.xml:734
msgid "Default: FALSE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:546
+#: sssd.conf.5.xml:635
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -875,14 +1020,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:556
+#: sssd.conf.5.xml:645
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:561
+#: sssd.conf.5.xml:650
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -891,39 +1036,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:572
+#: sssd.conf.5.xml:661
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:575
+#: sssd.conf.5.xml:664
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:579
+#: sssd.conf.5.xml:668
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:584
+#: sssd.conf.5.xml:673
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:587
+#: sssd.conf.5.xml:676
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:596
+#: sssd.conf.5.xml:685
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:599
+#: sssd.conf.5.xml:688
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -932,47 +1077,47 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:606
+#: sssd.conf.5.xml:695
msgid "Default: 0 (unlimited)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:612
+#: sssd.conf.5.xml:701
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:615
+#: sssd.conf.5.xml:704
msgid "The Data Provider identity backend to use for this domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:619
+#: sssd.conf.5.xml:708
msgid "Supported backends:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:622
+#: sssd.conf.5.xml:711
msgid "proxy: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:625
+#: sssd.conf.5.xml:714
msgid "local: SSSD internal local provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:628
+#: sssd.conf.5.xml:717
msgid "ldap: LDAP provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:634
+#: sssd.conf.5.xml:723
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:637
+#: sssd.conf.5.xml:726
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -981,19 +1126,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:650
+#: sssd.conf.5.xml:739
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:653
+#: sssd.conf.5.xml:742
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:657
+#: sssd.conf.5.xml:746
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1001,7 +1146,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:664
+#: sssd.conf.5.xml:753
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1009,30 +1154,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:671
+#: sssd.conf.5.xml:760
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:763
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:677
+#: sssd.conf.5.xml:766
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:683
+#: sssd.conf.5.xml:772
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:686
+#: sssd.conf.5.xml:775
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1040,17 +1185,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:692
+#: sssd.conf.5.xml:781
msgid "<quote>permit</quote> always allow access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:695
+#: sssd.conf.5.xml:784
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:698
+#: sssd.conf.5.xml:787
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1059,24 +1204,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:705
+#: sssd.conf.5.xml:794
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:710
+#: sssd.conf.5.xml:799
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:713
+#: sssd.conf.5.xml:802
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:718
+#: sssd.conf.5.xml:807
msgid ""
"<quote>ipa</quote> to change a password stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1084,7 +1229,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:726
+#: sssd.conf.5.xml:815
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1092,7 +1237,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:734
+#: sssd.conf.5.xml:823
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1100,72 +1245,72 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:742
+#: sssd.conf.5.xml:831
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:746
+#: sssd.conf.5.xml:835
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:749
+#: sssd.conf.5.xml:838
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:756
+#: sssd.conf.5.xml:845
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:759
+#: sssd.conf.5.xml:848
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:763
+#: sssd.conf.5.xml:852
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:766
+#: sssd.conf.5.xml:855
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:769
+#: sssd.conf.5.xml:858
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:772
+#: sssd.conf.5.xml:861
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:775
+#: sssd.conf.5.xml:864
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:778
+#: sssd.conf.5.xml:867
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:784
+#: sssd.conf.5.xml:873
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:787
+#: sssd.conf.5.xml:876
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -1173,24 +1318,36 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:799
+#: sssd.conf.5.xml:888
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:802
+#: sssd.conf.5.xml:891
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:806
+#: sssd.conf.5.xml:895
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:901
+#, fuzzy
+#| msgid "reconnection_retries (integer)"
+msgid "override_gid (integer)"
+msgstr "reconnection_retries (numeriek)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:904
+msgid "Override the primary GID value with the one specified."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:490
+#: sssd.conf.5.xml:579
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -1198,29 +1355,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:818
+#: sssd.conf.5.xml:916
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:821
+#: sssd.conf.5.xml:919
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:824
+#: sssd.conf.5.xml:922
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:832
+#: sssd.conf.5.xml:930
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:835
+#: sssd.conf.5.xml:933
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -1228,19 +1385,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:814
+#: sssd.conf.5.xml:912
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:847
+#: sssd.conf.5.xml:945
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:849
+#: sssd.conf.5.xml:947
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -1248,73 +1405,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:856
+#: sssd.conf.5.xml:954
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:859
+#: sssd.conf.5.xml:957
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:863
+#: sssd.conf.5.xml:961
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:868
+#: sssd.conf.5.xml:966
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:871
+#: sssd.conf.5.xml:969
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876
+#: sssd.conf.5.xml:974
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:881
+#: sssd.conf.5.xml:979
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:884
+#: sssd.conf.5.xml:982
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:888 sssd.conf.5.xml:900
+#: sssd.conf.5.xml:986 sssd.conf.5.xml:998
msgid "Default: TRUE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:893
+#: sssd.conf.5.xml:991
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:896
+#: sssd.conf.5.xml:994
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:905
+#: sssd.conf.5.xml:1003
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:908
+#: sssd.conf.5.xml:1006
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -1322,17 +1479,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:1014
msgid "Default: 077"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:921
+#: sssd.conf.5.xml:1019
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:1022
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -1341,17 +1498,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:934
+#: sssd.conf.5.xml:1032
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:939
+#: sssd.conf.5.xml:1037
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:942
+#: sssd.conf.5.xml:1040
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -1359,17 +1516,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:949
+#: sssd.conf.5.xml:1047
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:954
+#: sssd.conf.5.xml:1052
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:957
+#: sssd.conf.5.xml:1055
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -1377,18 +1534,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:1061
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:973 sssd-ldap.5.xml:1432 sssd-simple.5.xml:126
-#: sssd-ipa.5.xml:188 sssd-krb5.5.xml:414
+#: sssd.conf.5.xml:1071 sssd-ldap.5.xml:1520 sssd-simple.5.xml:126
+#: sssd-ipa.5.xml:230 sssd-krb5.5.xml:414
msgid "EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:979
+#: sssd.conf.5.xml:1077
#, no-wrap
msgid ""
"[sssd]\n"
@@ -1418,7 +1575,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:975
+#: sssd.conf.5.xml:1073
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -1427,7 +1584,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1010
+#: sssd.conf.5.xml:1108
msgid ""
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</"
"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</"
@@ -1491,21 +1648,42 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:63
msgid ""
-"Specifies the list of URIs of the LDAP servers to which SSSD should connect "
-"in the order of preference. Refer to the <quote>FAILOVER</quote> section for "
-"more information on failover and server redundancy. If not specified, "
-"service discovery is enabled. For more information, refer to the "
-"<quote>SERVICE DISCOVERY</quote> section."
+"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD "
+"should connect in the order of preference. Refer to the <quote>FAILOVER</"
+"quote> section for more information on failover and server redundancy. If "
+"not specified, service discovery is enabled. For more information, refer to "
+"the <quote>SERVICE DISCOVERY</quote> section."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:70
+msgid "The format of the URI must match the format defined in RFC 2732:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:73
-msgid "ldap_chpass_uri (string)"
+msgid "ldap[s]://&lt;host&gt;[:port]"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:76
msgid ""
+"For explicit IPv6 addresses, &lt;host&gt; must be enclosed in brackets []"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:79
+msgid "example: ldap://[fc00::126:25]:389"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:85
+msgid "ldap_chpass_uri (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:88
+msgid ""
"Specifies the list of URIs of the LDAP servers to which SSSD should connect "
"in the order of preference to change the password of a user. Refer to the "
"<quote>FAILOVER</quote> section for more information on failover and server "
@@ -1513,27 +1691,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:83
+#: sssd-ldap.5.xml:95
msgid "To enable service discovery ldap_chpass_dns_service_name must be set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:87
+#: sssd-ldap.5.xml:99
msgid "Default: empty, i.e. ldap_uri is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:93
+#: sssd-ldap.5.xml:105
msgid "ldap_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:96
+#: sssd-ldap.5.xml:108
msgid "The default base DN to use for performing LDAP user operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:100
+#: sssd-ldap.5.xml:112
msgid ""
"Default: If not set the value of the defaultNamingContext or namingContexts "
"attribute from the RootDSE of the LDAP server is used. If "
@@ -1544,12 +1722,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:114
+#: sssd-ldap.5.xml:126
msgid "ldap_schema (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:117
+#: sssd-ldap.5.xml:129
msgid ""
"Specifies the Schema Type in use on the target LDAP server. Depending on "
"the selected schema, the default attribute names retrieved from the servers "
@@ -1563,201 +1741,208 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:136
+#: sssd-ldap.5.xml:148
msgid "Default: rfc2307"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:142
+#: sssd-ldap.5.xml:154
msgid "ldap_default_bind_dn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:145
+#: sssd-ldap.5.xml:157
msgid "The default bind DN to use for performing LDAP operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:152
+#: sssd-ldap.5.xml:164
msgid "ldap_default_authtok_type (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:155
+#: sssd-ldap.5.xml:167
msgid "The type of the authentication token of the default bind DN."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:159
+#: sssd-ldap.5.xml:171
msgid "The two mechanisms currently supported are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:162
+#: sssd-ldap.5.xml:174
msgid "password"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:165
+#: sssd-ldap.5.xml:177
msgid "obfuscated_password"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:180
+#, fuzzy
+#| msgid "Default: 3"
+msgid "Default: password"
+msgstr "Standaard: 3"
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:171
+#: sssd-ldap.5.xml:186
msgid "ldap_default_authtok (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:174
+#: sssd-ldap.5.xml:189
msgid ""
"The authentication token of the default bind DN. Only clear text passwords "
"are currently supported."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:181
+#: sssd-ldap.5.xml:196
msgid "ldap_user_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:184
+#: sssd-ldap.5.xml:199
msgid "The object class of a user entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:187
+#: sssd-ldap.5.xml:202
msgid "Default: posixAccount"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:193
+#: sssd-ldap.5.xml:208
msgid "ldap_user_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:196
+#: sssd-ldap.5.xml:211
msgid "The LDAP attribute that corresponds to the user's login name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:200
+#: sssd-ldap.5.xml:215
msgid "Default: uid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:206
+#: sssd-ldap.5.xml:221
msgid "ldap_user_uid_number (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:209
+#: sssd-ldap.5.xml:224
msgid "The LDAP attribute that corresponds to the user's id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:213
+#: sssd-ldap.5.xml:228
msgid "Default: uidNumber"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:219
+#: sssd-ldap.5.xml:234
msgid "ldap_user_gid_number (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:222
+#: sssd-ldap.5.xml:237
msgid "The LDAP attribute that corresponds to the user's primary group id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:226 sssd-ldap.5.xml:642
+#: sssd-ldap.5.xml:241 sssd-ldap.5.xml:698
msgid "Default: gidNumber"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:232
+#: sssd-ldap.5.xml:247
msgid "ldap_user_gecos (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:235
+#: sssd-ldap.5.xml:250
msgid "The LDAP attribute that corresponds to the user's gecos field."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:239
+#: sssd-ldap.5.xml:254
msgid "Default: gecos"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:245
+#: sssd-ldap.5.xml:260
msgid "ldap_user_home_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:248
+#: sssd-ldap.5.xml:263
msgid "The LDAP attribute that contains the name of the user's home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:252
+#: sssd-ldap.5.xml:267
msgid "Default: homeDirectory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:258
+#: sssd-ldap.5.xml:273
msgid "ldap_user_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:261
+#: sssd-ldap.5.xml:276
msgid "The LDAP attribute that contains the path to the user's default shell."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:265
+#: sssd-ldap.5.xml:280
msgid "Default: loginShell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:271
+#: sssd-ldap.5.xml:286
msgid "ldap_user_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:274
+#: sssd-ldap.5.xml:289
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:278 sssd-ldap.5.xml:668 sssd-ldap.5.xml:761
+#: sssd-ldap.5.xml:293 sssd-ldap.5.xml:724 sssd-ldap.5.xml:817
msgid "Default: nsUniqueId"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:284
+#: sssd-ldap.5.xml:299
msgid "ldap_user_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:287 sssd-ldap.5.xml:677 sssd-ldap.5.xml:770
+#: sssd-ldap.5.xml:302 sssd-ldap.5.xml:733 sssd-ldap.5.xml:826
msgid ""
"The LDAP attribute that contains timestamp of the last modification of the "
"parent object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:291 sssd-ldap.5.xml:681 sssd-ldap.5.xml:774
+#: sssd-ldap.5.xml:306 sssd-ldap.5.xml:737 sssd-ldap.5.xml:830
msgid "Default: modifyTimestamp"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:297
+#: sssd-ldap.5.xml:312
msgid "ldap_user_shadow_last_change (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:300
+#: sssd-ldap.5.xml:315
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -1766,17 +1951,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:310
+#: sssd-ldap.5.xml:325
msgid "Default: shadowLastChange"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:316
+#: sssd-ldap.5.xml:331
msgid "ldap_user_shadow_min (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:319
+#: sssd-ldap.5.xml:334
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -1785,17 +1970,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:328
+#: sssd-ldap.5.xml:343
msgid "Default: shadowMin"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:334
+#: sssd-ldap.5.xml:349
msgid "ldap_user_shadow_max (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:337
+#: sssd-ldap.5.xml:352
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -1804,17 +1989,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:346
+#: sssd-ldap.5.xml:361
msgid "Default: shadowMax"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:352
+#: sssd-ldap.5.xml:367
msgid "ldap_user_shadow_warning (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:355
+#: sssd-ldap.5.xml:370
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -1823,17 +2008,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:365
+#: sssd-ldap.5.xml:380
msgid "Default: shadowWarning"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:371
+#: sssd-ldap.5.xml:386
msgid "ldap_user_shadow_inactive (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:374
+#: sssd-ldap.5.xml:389
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -1842,17 +2027,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:384
+#: sssd-ldap.5.xml:399
msgid "Default: shadowInactive"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:390
+#: sssd-ldap.5.xml:405
msgid "ldap_user_shadow_expire (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:393
+#: sssd-ldap.5.xml:408
msgid ""
"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this "
"parameter contains the name of an LDAP attribute corresponding to its "
@@ -1861,17 +2046,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:403
+#: sssd-ldap.5.xml:418
msgid "Default: shadowExpire"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:409
+#: sssd-ldap.5.xml:424
msgid "ldap_user_krb_last_pwd_change (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:412
+#: sssd-ldap.5.xml:427
msgid ""
"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of "
"an LDAP attribute storing the date and time of last password change in "
@@ -1879,102 +2064,150 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:418
+#: sssd-ldap.5.xml:433
msgid "Default: krbLastPwdChange"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:424
+#: sssd-ldap.5.xml:439
msgid "ldap_user_krb_password_expiration (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:427
+#: sssd-ldap.5.xml:442
msgid ""
"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of "
"an LDAP attribute storing the date and time when current password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:433
+#: sssd-ldap.5.xml:448
msgid "Default: krbPasswordExpiration"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:439
+#: sssd-ldap.5.xml:454
msgid "ldap_user_ad_account_expires (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:442
+#: sssd-ldap.5.xml:457
msgid ""
"When using ldap_account_expire_policy=ad, this parameter contains the name "
"of an LDAP attribute storing the expiration time of the account."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:447
+#: sssd-ldap.5.xml:462
msgid "Default: accountExpires"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:453
+#: sssd-ldap.5.xml:468
msgid "ldap_user_ad_user_account_control (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:456
+#: sssd-ldap.5.xml:471
msgid ""
"When using ldap_account_expire_policy=ad, this parameter contains the name "
"of an LDAP attribute storing the user account control bit field."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:461
+#: sssd-ldap.5.xml:476
msgid "Default: userAccountControl"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:467
+#: sssd-ldap.5.xml:482
msgid "ldap_ns_account_lock (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:470
+#: sssd-ldap.5.xml:485
msgid ""
"When using ldap_account_expire_policy=rhds or equivalent, this parameter "
"determines if access is allowed or not."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:475
+#: sssd-ldap.5.xml:490
msgid "Default: nsAccountLock"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:481
+#: sssd-ldap.5.xml:496
+msgid "ldap_user_nds_login_disabled (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:499
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines if "
+"access is allowed or not."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:503 sssd-ldap.5.xml:517
+#, fuzzy
+#| msgid "Default: 3"
+msgid "Default: loginDisabled"
+msgstr "Standaard: 3"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:509
+msgid "ldap_user_nds_login_expiration_time (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:512
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines until "
+"which date access is granted."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:523
+msgid "ldap_user_nds_login_allowed_time_map (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:526
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines the "
+"hours of a day in a week when access is granted."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:531
+msgid "Default: loginAllowedTimeMap"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:537
msgid "ldap_user_principal (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:484
+#: sssd-ldap.5.xml:540
msgid ""
"The LDAP attribute that contains the user's Kerberos User Principal Name "
"(UPN)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:488
+#: sssd-ldap.5.xml:544
msgid "Default: krbPrincipalName"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:494
+#: sssd-ldap.5.xml:550
msgid "ldap_force_upper_case_realm (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:497
+#: sssd-ldap.5.xml:553
msgid ""
"Some directory servers, for example Active Directory, might deliver the "
"realm part of the UPN in lower case, which might cause the authentication to "
@@ -1983,35 +2216,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:504 sssd-ldap.5.xml:995 sssd-ipa.5.xml:115 sssd.8.xml:64
+#: sssd-ldap.5.xml:560 sssd-ldap.5.xml:1074 sssd-ipa.5.xml:115 sssd.8.xml:64
#: sssd-krb5.5.xml:235 sssd-krb5.5.xml:266
msgid "Default: false"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:510
+#: sssd-ldap.5.xml:566
msgid "ldap_enumeration_refresh_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:513
+#: sssd-ldap.5.xml:569
msgid ""
"The LDAP attribute that contains how many seconds SSSD has to wait before "
"refreshing its cache of enumerated records."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:518
+#: sssd-ldap.5.xml:574
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:524
+#: sssd-ldap.5.xml:580
msgid "ldap_purge_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:527
+#: sssd-ldap.5.xml:583
msgid ""
"Determine how often to check the cache for inactive entries (such as groups "
"with no members and users who have never logged in) and remove them to save "
@@ -2019,52 +2252,52 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:533
+#: sssd-ldap.5.xml:589
msgid "Setting this option to zero will disable the cache cleanup operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:537
+#: sssd-ldap.5.xml:593
msgid "Default: 10800 (12 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:543
+#: sssd-ldap.5.xml:599
msgid "ldap_user_fullname (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:546
+#: sssd-ldap.5.xml:602
msgid "The LDAP attribute that corresponds to the user's full name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:550 sssd-ldap.5.xml:629 sssd-ldap.5.xml:722
+#: sssd-ldap.5.xml:606 sssd-ldap.5.xml:685 sssd-ldap.5.xml:778
msgid "Default: cn"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:556
+#: sssd-ldap.5.xml:612
msgid "ldap_user_member_of (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:559
+#: sssd-ldap.5.xml:615
msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:563
+#: sssd-ldap.5.xml:619
msgid "Default: memberOf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:569
+#: sssd-ldap.5.xml:625
msgid "ldap_user_authorized_service (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:572
+#: sssd-ldap.5.xml:628
msgid ""
"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will "
"use the presence of the authorizedService attribute in the user's LDAP entry "
@@ -2072,24 +2305,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:579
+#: sssd-ldap.5.xml:635
msgid ""
"An explicit deny (!svc) is resolved first. Second, SSSD searches for "
"explicit allow (svc) and finally for allow_all (*)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:584
+#: sssd-ldap.5.xml:640
msgid "Default: authorizedService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:590
+#: sssd-ldap.5.xml:646
msgid "ldap_user_authorized_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:593
+#: sssd-ldap.5.xml:649
msgid ""
"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
"presence of the host attribute in the user's LDAP entry to determine access "
@@ -2097,91 +2330,91 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:599
+#: sssd-ldap.5.xml:655
msgid ""
"An explicit deny (!host) is resolved first. Second, SSSD searches for "
"explicit allow (host) and finally for allow_all (*)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:604
+#: sssd-ldap.5.xml:660
#, fuzzy
#| msgid "Default: 3"
msgid "Default: host"
msgstr "Standaard: 3"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:610
+#: sssd-ldap.5.xml:666
msgid "ldap_group_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:613
+#: sssd-ldap.5.xml:669
msgid "The object class of a group entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:616
+#: sssd-ldap.5.xml:672
msgid "Default: posixGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:622
+#: sssd-ldap.5.xml:678
msgid "ldap_group_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:625
+#: sssd-ldap.5.xml:681
msgid "The LDAP attribute that corresponds to the group name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:635
+#: sssd-ldap.5.xml:691
msgid "ldap_group_gid_number (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:638
+#: sssd-ldap.5.xml:694
msgid "The LDAP attribute that corresponds to the group's id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:648
+#: sssd-ldap.5.xml:704
msgid "ldap_group_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:651
+#: sssd-ldap.5.xml:707
msgid "The LDAP attribute that contains the names of the group's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:655
+#: sssd-ldap.5.xml:711
msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:661
+#: sssd-ldap.5.xml:717
msgid "ldap_group_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:664
+#: sssd-ldap.5.xml:720
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:674
+#: sssd-ldap.5.xml:730
msgid "ldap_group_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:687
+#: sssd-ldap.5.xml:743
msgid "ldap_group_nesting_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:690
+#: sssd-ldap.5.xml:746
msgid ""
"If ldap_schema is set to a schema format that supports nested groups (e.g. "
"RFC2307bis), then this option controls how many levels of nesting SSSD will "
@@ -2189,89 +2422,89 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:697
+#: sssd-ldap.5.xml:753
msgid "Default: 2"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:703
+#: sssd-ldap.5.xml:759
msgid "ldap_netgroup_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:706
+#: sssd-ldap.5.xml:762
msgid "The object class of a netgroup entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:709
+#: sssd-ldap.5.xml:765
msgid "Default: nisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:715
+#: sssd-ldap.5.xml:771
msgid "ldap_netgroup_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:718
+#: sssd-ldap.5.xml:774
msgid "The LDAP attribute that corresponds to the netgroup name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:728
+#: sssd-ldap.5.xml:784
msgid "ldap_netgroup_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:731
+#: sssd-ldap.5.xml:787
msgid "The LDAP attribute that contains the names of the netgroup's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:735
+#: sssd-ldap.5.xml:791
msgid "Default: memberNisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:741
+#: sssd-ldap.5.xml:797
msgid "ldap_netgroup_triple (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:744
+#: sssd-ldap.5.xml:800
msgid ""
"The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:748
+#: sssd-ldap.5.xml:804
msgid "Default: nisNetgroupTriple"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:754
+#: sssd-ldap.5.xml:810
msgid "ldap_netgroup_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:757
+#: sssd-ldap.5.xml:813
msgid ""
"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:767
+#: sssd-ldap.5.xml:823
msgid "ldap_netgroup_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:780
+#: sssd-ldap.5.xml:836
msgid "ldap_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:783
+#: sssd-ldap.5.xml:839
msgid ""
"Specifies the timeout (in seconds) that ldap searches are allowed to run "
"before they are cancelled and cached results are returned (and offline mode "
@@ -2279,7 +2512,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:789
+#: sssd-ldap.5.xml:845
msgid ""
"Note: this option is subject to change in future versions of the SSSD. It "
"will likely be replaced at some point by a series of timeouts for specific "
@@ -2287,17 +2520,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:795 sssd-ldap.5.xml:837 sssd-ldap.5.xml:852
+#: sssd-ldap.5.xml:851 sssd-ldap.5.xml:893 sssd-ldap.5.xml:908
msgid "Default: 6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:801
+#: sssd-ldap.5.xml:857
msgid "ldap_enumeration_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:804
+#: sssd-ldap.5.xml:860
msgid ""
"Specifies the timeout (in seconds) that ldap searches for user and group "
"enumerations are allowed to run before they are cancelled and cached results "
@@ -2305,17 +2538,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:811
+#: sssd-ldap.5.xml:867
msgid "Default: 60"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:817
+#: sssd-ldap.5.xml:873
msgid "ldap_network_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:820
+#: sssd-ldap.5.xml:876
msgid ""
"Specifies the timeout (in seconds) after which the <citerefentry> "
"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
@@ -2326,12 +2559,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:843
+#: sssd-ldap.5.xml:899
msgid "ldap_opt_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:846
+#: sssd-ldap.5.xml:902
msgid ""
"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
"will abort if no response is received. Also controls the timeout when "
@@ -2339,47 +2572,71 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:858
+#: sssd-ldap.5.xml:914
#, fuzzy
#| msgid "debug_level (integer)"
msgid "ldap_page_size (integer)"
msgstr "debug_level (numeriek)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:861
+#: sssd-ldap.5.xml:917
msgid ""
"Specify the number of records to retrieve from LDAP in a single request. "
"Some LDAP servers enforce a maximum limit per-request."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:866
+#: sssd-ldap.5.xml:922
#, fuzzy
#| msgid "Default: 120"
msgid "Default: 1000"
msgstr "Standaard: 120"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:872
+#: sssd-ldap.5.xml:928
+#, fuzzy
+#| msgid "debug_level (integer)"
+msgid "ldap_deref_threshold (integer)"
+msgstr "debug_level (numeriek)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:931
+msgid ""
+"Specify the number of group members that must be missing from the internal "
+"cache in order to trigger a dereference lookup. If less members are missing, "
+"they are looked up individually."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:937
+msgid ""
+"A dereference lookup is a means of fetching all group members in a single "
+"LDAP call. Different LDAP servers may implement different dereference "
+"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active "
+"Directory."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:951
msgid "ldap_tls_reqcert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:875
+#: sssd-ldap.5.xml:954
msgid ""
"Specifies what checks to perform on server certificates in a TLS session, if "
"any. It can be specified as one of the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:881
+#: sssd-ldap.5.xml:960
msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:885
+#: sssd-ldap.5.xml:964
msgid ""
"<emphasis>allow</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -2387,7 +2644,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:892
+#: sssd-ldap.5.xml:971
msgid ""
"<emphasis>try</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -2395,7 +2652,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:898
+#: sssd-ldap.5.xml:977
msgid ""
"<emphasis>demand</emphasis> = The server certificate is requested. If no "
"certificate is provided, or a bad certificate is provided, the session is "
@@ -2403,41 +2660,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:904
+#: sssd-ldap.5.xml:983
msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:908
+#: sssd-ldap.5.xml:987
msgid "Default: hard"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:914
+#: sssd-ldap.5.xml:993
msgid "ldap_tls_cacert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:917
+#: sssd-ldap.5.xml:996
msgid ""
"Specifies the file that contains certificates for all of the Certificate "
"Authorities that <command>sssd</command> will recognize."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:922 sssd-ldap.5.xml:940 sssd-ldap.5.xml:981
+#: sssd-ldap.5.xml:1001 sssd-ldap.5.xml:1019 sssd-ldap.5.xml:1060
msgid ""
"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
"conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:929
+#: sssd-ldap.5.xml:1008
msgid "ldap_tls_cacertdir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:932
+#: sssd-ldap.5.xml:1011
msgid ""
"Specifies the path of a directory that contains Certificate Authority "
"certificates in separate individual files. Typically the file names need to "
@@ -2446,38 +2703,38 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:947
+#: sssd-ldap.5.xml:1026
msgid "ldap_tls_cert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:950
+#: sssd-ldap.5.xml:1029
msgid "Specifies the file that contains the certificate for the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:954 sssd-ldap.5.xml:966 sssd-ldap.5.xml:1395
-#: sssd-ldap.5.xml:1418 sssd-krb5.5.xml:356
+#: sssd-ldap.5.xml:1033 sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1483
+#: sssd-ldap.5.xml:1506 sssd-krb5.5.xml:356
msgid "Default: not set"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:960
+#: sssd-ldap.5.xml:1039
msgid "ldap_tls_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:963
+#: sssd-ldap.5.xml:1042
msgid "Specifies the file that contains the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:972
+#: sssd-ldap.5.xml:1051
msgid "ldap_tls_cipher_suite (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:975
+#: sssd-ldap.5.xml:1054
msgid ""
"Specifies acceptable cipher suites. Typically this is a colon sperated "
"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
@@ -2485,73 +2742,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:988
+#: sssd-ldap.5.xml:1067
msgid "ldap_id_use_start_tls (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:991
+#: sssd-ldap.5.xml:1070
msgid ""
"Specifies that the id_provider connection must also use <systemitem class="
"\"protocol\">tls</systemitem> to protect the channel."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1001
+#: sssd-ldap.5.xml:1080
msgid "ldap_sasl_mech (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1004
+#: sssd-ldap.5.xml:1083
msgid ""
"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
"supported."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1136
+#: sssd-ldap.5.xml:1087 sssd-ldap.5.xml:1215
msgid "Default: none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1014
+#: sssd-ldap.5.xml:1093
msgid "ldap_sasl_authid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1017
+#: sssd-ldap.5.xml:1096
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
"represents the Kerberos principal used for authentication to the directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1022
+#: sssd-ldap.5.xml:1101
msgid "Default: host/machine.fqdn@REALM"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1028
+#: sssd-ldap.5.xml:1107
msgid "ldap_krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1031
+#: sssd-ldap.5.xml:1110
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1034
+#: sssd-ldap.5.xml:1113
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1040
+#: sssd-ldap.5.xml:1119
msgid "ldap_krb5_init_creds (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1043
+#: sssd-ldap.5.xml:1122
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -2559,27 +2816,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1055
+#: sssd-ldap.5.xml:1134
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1058
+#: sssd-ldap.5.xml:1137
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1062
+#: sssd-ldap.5.xml:1141
msgid "Default: 86400 (24 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1068 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1147 sssd-krb5.5.xml:74
msgid "krb5_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1071 sssd-krb5.5.xml:77
+#: sssd-ldap.5.xml:1150 sssd-krb5.5.xml:77
msgid ""
"Specifies the list of IP addresses or hostnames of the Kerberos servers to "
"which SSSD should connect in the order of preference. For more information "
@@ -2590,7 +2847,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1083 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1162 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -2598,7 +2855,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1088 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1167 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -2606,41 +2863,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1097 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1176 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1100
+#: sssd-ldap.5.xml:1179
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1103
+#: sssd-ldap.5.xml:1182
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1109
+#: sssd-ldap.5.xml:1188
msgid "ldap_pwd_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1112
+#: sssd-ldap.5.xml:1191
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1117
+#: sssd-ldap.5.xml:1196
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1122
+#: sssd-ldap.5.xml:1201
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -2649,7 +2906,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1130
+#: sssd-ldap.5.xml:1209
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -2657,61 +2914,61 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1142
+#: sssd-ldap.5.xml:1221
msgid "ldap_referrals (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1145
+#: sssd-ldap.5.xml:1224
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1149
+#: sssd-ldap.5.xml:1228
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1160
+#: sssd-ldap.5.xml:1239
msgid "ldap_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1163
+#: sssd-ldap.5.xml:1242
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1167
+#: sssd-ldap.5.xml:1246
msgid "Default: ldap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1173
+#: sssd-ldap.5.xml:1252
msgid "ldap_chpass_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1176
+#: sssd-ldap.5.xml:1255
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1181
+#: sssd-ldap.5.xml:1260
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1187
+#: sssd-ldap.5.xml:1266
msgid "ldap_access_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1190
+#: sssd-ldap.5.xml:1269
msgid ""
"If using access_provider = ldap, this option is mandatory. It specifies an "
"LDAP search filter criteria that must be met for the user to be granted "
@@ -2721,12 +2978,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1200 sssd-ldap.5.xml:1398
+#: sssd-ldap.5.xml:1279 sssd-ldap.5.xml:1486
msgid "Example:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1203
+#: sssd-ldap.5.xml:1282
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -2735,14 +2992,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1207
+#: sssd-ldap.5.xml:1286
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1212
+#: sssd-ldap.5.xml:1291
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -2751,24 +3008,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1220 sssd-ldap.5.xml:1261
+#: sssd-ldap.5.xml:1299 sssd-ldap.5.xml:1349
msgid "Default: Empty"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1226
+#: sssd-ldap.5.xml:1305
msgid "ldap_account_expire_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1229
+#: sssd-ldap.5.xml:1308
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1233
+#: sssd-ldap.5.xml:1312
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -2776,19 +3033,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1240
+#: sssd-ldap.5.xml:1319
msgid "The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1243
+#: sssd-ldap.5.xml:1322
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1248
+#: sssd-ldap.5.xml:1327
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -2797,97 +3054,106 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1255
+#: sssd-ldap.5.xml:1334
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
"allowed or not."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1340
+msgid ""
+"<emphasis>nds</emphasis>: the values of "
+"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
+"ldap_user_nds_login_expiration_time are used to check if access is allowed. "
+"If both attributes are missing access is granted."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1267
+#: sssd-ldap.5.xml:1355
msgid "ldap_access_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1270
+#: sssd-ldap.5.xml:1358
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1274
+#: sssd-ldap.5.xml:1362
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1277
+#: sssd-ldap.5.xml:1365
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1281
+#: sssd-ldap.5.xml:1369
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1286
+#: sssd-ldap.5.xml:1374
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1290
+#: sssd-ldap.5.xml:1378
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1293
+#: sssd-ldap.5.xml:1381
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1300
+#: sssd-ldap.5.xml:1388
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1303
+#: sssd-ldap.5.xml:1391
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1308
+#: sssd-ldap.5.xml:1396
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1312
+#: sssd-ldap.5.xml:1400
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1317
+#: sssd-ldap.5.xml:1405
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1322
+#: sssd-ldap.5.xml:1410
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1327
+#: sssd-ldap.5.xml:1415
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
@@ -2904,60 +3170,60 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1339
+#: sssd-ldap.5.xml:1427
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1346
+#: sssd-ldap.5.xml:1434
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1349
+#: sssd-ldap.5.xml:1437
msgid ""
"An optional base DN to restrict netgroup searches to a specific subtree."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1353 sssd-ldap.5.xml:1367 sssd-ldap.5.xml:1381
+#: sssd-ldap.5.xml:1441 sssd-ldap.5.xml:1455 sssd-ldap.5.xml:1469
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1360
+#: sssd-ldap.5.xml:1448
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1363
+#: sssd-ldap.5.xml:1451
msgid "An optional base DN to restrict user searches to a specific subtree."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1374
+#: sssd-ldap.5.xml:1462
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1377
+#: sssd-ldap.5.xml:1465
msgid "An optional base DN to restrict group searches to a specific subtree."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1388
+#: sssd-ldap.5.xml:1476
msgid "ldap_user_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1391
+#: sssd-ldap.5.xml:1479
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1401
+#: sssd-ldap.5.xml:1489
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -2965,26 +3231,26 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1404
+#: sssd-ldap.5.xml:1492
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1411
+#: sssd-ldap.5.xml:1499
msgid "ldap_group_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1414
+#: sssd-ldap.5.xml:1502
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1341
+#: sssd-ldap.5.xml:1429
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -2992,7 +3258,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1434
+#: sssd-ldap.5.xml:1522
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -3000,7 +3266,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:1440
+#: sssd-ldap.5.xml:1528
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -3014,18 +3280,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1439 sssd-simple.5.xml:134 sssd-ipa.5.xml:196
+#: sssd-ldap.5.xml:1527 sssd-simple.5.xml:134 sssd-ipa.5.xml:238
#: sssd-krb5.5.xml:423
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1453 sssd_krb5_locator_plugin.8.xml:61
+#: sssd-ldap.5.xml:1541 sssd_krb5_locator_plugin.8.xml:61
msgid "NOTES"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1543
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -3034,7 +3300,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1466
+#: sssd-ldap.5.xml:1554
msgid ""
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</"
"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</"
@@ -3536,8 +3802,65 @@ msgid ""
"converted into the base DN to use for performing LDAP operations."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:179
+#, fuzzy
+#| msgid "reconnection_retries (integer)"
+msgid "ipa_hbac_refresh (integer)"
+msgstr "reconnection_retries (numeriek)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:182
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server. "
+"This will reduce the latency and load on the IPA server if there are many "
+"access-control requests made in a short period."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:189
+#, fuzzy
+#| msgid "Default: 3"
+msgid "Default: 5 (seconds)"
+msgstr "Standaard: 3"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:194
+msgid "ipa_hbac_treat_deny_as (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:197
+msgid ""
+"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
+"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
+"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The "
+"client will support two modes of operation during this transition period:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:206
+msgid ""
+"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
+"users will be denied access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:211
+msgid ""
+"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
+"careful with this option, as it may result in opening unintended access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:216
+#, fuzzy
+#| msgid "Default: 3"
+msgid "Default: DENY_ALL"
+msgstr "Standaard: 3"
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:190
+#: sssd-ipa.5.xml:232
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -3545,7 +3868,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:197
+#: sssd-ipa.5.xml:239
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -3555,7 +3878,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:208
+#: sssd-ipa.5.xml:250
msgid ""
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</"
"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</"
@@ -4100,21 +4423,6 @@ msgstr ""
msgid "krb5_ccname_template (string)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:166
-msgid "%u"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:167
-msgid "login name"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:170
-msgid "%U"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:171
msgid "login UID"
@@ -4150,11 +4458,6 @@ msgstr ""
msgid "home directory"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:188
-msgid "%d"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:189
msgid "value of krb5ccache_dir"
@@ -4170,16 +4473,6 @@ msgstr ""
msgid "the process ID of the sssd client"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:200
-msgid "%%"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:201
-msgid "a literal '%'"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:160
msgid ""
diff --git a/src/man/po/pl.po b/src/man/po/pl.po
index 46943f8b8..29577eac9 100644
--- a/src/man/po/pl.po
+++ b/src/man/po/pl.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-04-27 11:41-0300\n"
+"POT-Creation-Date: 2011-08-02 15:55-0300\n"
"PO-Revision-Date: 2011-03-08 15:06+0000\n"
"Last-Translator: sgallagh <sgallagh@redhat.com>\n"
"Language-Team: Polish <None>\n"
@@ -106,9 +106,9 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1008 sssd-ldap.5.xml:1464
+#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1106 sssd-ldap.5.xml:1552
#: pam_sss.8.xml:128 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143
-#: sssd-ipa.5.xml:206 sssd.8.xml:166 sss_obfuscate.8.xml:103
+#: sssd-ipa.5.xml:248 sssd.8.xml:166 sss_obfuscate.8.xml:103
#: sss_useradd.8.xml:167 sssd-krb5.5.xml:433 sss_groupadd.8.xml:58
#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58
#: sss_usermod.8.xml:138
@@ -215,7 +215,7 @@ msgid "The [sssd] section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:70 sssd.conf.5.xml:854
+#: sssd.conf.5.xml:70 sssd.conf.5.xml:952
msgid "Section parameters"
msgstr ""
@@ -430,8 +430,8 @@ msgid "Add a timestamp to the debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1049
-#: sssd-ldap.5.xml:1154 sssd-ipa.5.xml:155
+#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1128
+#: sssd-ldap.5.xml:1233 sssd-ipa.5.xml:155
msgid "Default: true"
msgstr ""
@@ -562,61 +562,202 @@ msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:358
+msgid "override_homedir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:367 sssd-krb5.5.xml:166
+msgid "%u"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:368 sssd-krb5.5.xml:167
+msgid "login name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:371 sssd-krb5.5.xml:170
+msgid "%U"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:372
+msgid "UID number"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:375 sssd-krb5.5.xml:188
+msgid "%d"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:376
+msgid "domain name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:379
+msgid "%f"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:380
+msgid "fully qualified user name (user@domain)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:383 sssd-krb5.5.xml:200
+msgid "%%"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:384 sssd-krb5.5.xml:201
+msgid "a literal '%'"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:361
+msgid ""
+"Override the user's home directory. You can either provide an absolute value "
+"or a template. In the template, the following sequences are substituted: "
+"<placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:390
+msgid "This option can also be set per-domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:395
+msgid "allowed_shells (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:398
+msgid ""
+"Restrict user shell to one of the listed values. The order of evaluation is:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:401
+msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:405
+msgid ""
+"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
+"quote>, use the value of the shell_fallback parameter."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:410
+msgid ""
+"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
+"shells</quote>, a nologin shell is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:415
+msgid "An empty string for shell is passed as-is to libc."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:418
+msgid ""
+"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
+"that a restart of the SSSD is required in case a new shell is installed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:422
+msgid "Default: Not set. The user shell is automatically used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:427
+msgid "vetoed_shells (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:430
+msgid "Replace any instance of these shells with the shell_fallback"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:435
+msgid "shell_fallback (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:438
+msgid ""
+"The default shell to use if an allowed shell is not installed on the machine."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:442
+msgid "Default: /bin/sh"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:360
+#: sssd.conf.5.xml:449
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:362
+#: sssd.conf.5.xml:451
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:367
+#: sssd.conf.5.xml:456
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:370
+#: sssd.conf.5.xml:459
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:375 sssd.conf.5.xml:388
+#: sssd.conf.5.xml:464 sssd.conf.5.xml:477
msgid "Default: 0 (No limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:381
+#: sssd.conf.5.xml:470
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:384
+#: sssd.conf.5.xml:473
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:394
+#: sssd.conf.5.xml:483
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:397
+#: sssd.conf.5.xml:486
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:402
+#: sssd.conf.5.xml:491
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -624,59 +765,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:408 sssd.conf.5.xml:461 sssd.conf.5.xml:793
+#: sssd.conf.5.xml:497 sssd.conf.5.xml:550 sssd.conf.5.xml:882
msgid "Default: 5"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:414
+#: sssd.conf.5.xml:503
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:417
+#: sssd.conf.5.xml:506
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:422
+#: sssd.conf.5.xml:511
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:425
+#: sssd.conf.5.xml:514
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:428
+#: sssd.conf.5.xml:517
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:432
+#: sssd.conf.5.xml:521
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:435
+#: sssd.conf.5.xml:524
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:439
+#: sssd.conf.5.xml:528
msgid "Default: 1"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:444
+#: sssd.conf.5.xml:533
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:447
+#: sssd.conf.5.xml:536
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -684,7 +825,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:453
+#: sssd.conf.5.xml:542
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -693,17 +834,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:467
+#: sssd.conf.5.xml:556
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:470
+#: sssd.conf.5.xml:559
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:473
+#: sssd.conf.5.xml:562
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -711,29 +852,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:479
+#: sssd.conf.5.xml:568
msgid "Default: 7"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:488
+#: sssd.conf.5.xml:577
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:495
+#: sssd.conf.5.xml:584
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:498
+#: sssd.conf.5.xml:587
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:503
+#: sssd.conf.5.xml:592
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -742,56 +883,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:510
+#: sssd.conf.5.xml:599
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:516
+#: sssd.conf.5.xml:605
msgid "timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:519
+#: sssd.conf.5.xml:608
msgid ""
"Timeout in seconds between heartbeats for this domain. This is used to "
"ensure that the backend process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:524
+#: sssd.conf.5.xml:613 sssd-ldap.5.xml:945
msgid "Default: 10"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:619
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:533
+#: sssd.conf.5.xml:622
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:537
+#: sssd.conf.5.xml:626
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:540
+#: sssd.conf.5.xml:629
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:543 sssd.conf.5.xml:591 sssd.conf.5.xml:645
+#: sssd.conf.5.xml:632 sssd.conf.5.xml:680 sssd.conf.5.xml:734
msgid "Default: FALSE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:546
+#: sssd.conf.5.xml:635
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -801,14 +942,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:556
+#: sssd.conf.5.xml:645
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:561
+#: sssd.conf.5.xml:650
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -817,39 +958,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:572
+#: sssd.conf.5.xml:661
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:575
+#: sssd.conf.5.xml:664
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:579
+#: sssd.conf.5.xml:668
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:584
+#: sssd.conf.5.xml:673
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:587
+#: sssd.conf.5.xml:676
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:596
+#: sssd.conf.5.xml:685
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:599
+#: sssd.conf.5.xml:688
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -858,47 +999,47 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:606
+#: sssd.conf.5.xml:695
msgid "Default: 0 (unlimited)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:612
+#: sssd.conf.5.xml:701
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:615
+#: sssd.conf.5.xml:704
msgid "The Data Provider identity backend to use for this domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:619
+#: sssd.conf.5.xml:708
msgid "Supported backends:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:622
+#: sssd.conf.5.xml:711
msgid "proxy: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:625
+#: sssd.conf.5.xml:714
msgid "local: SSSD internal local provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:628
+#: sssd.conf.5.xml:717
msgid "ldap: LDAP provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:634
+#: sssd.conf.5.xml:723
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:637
+#: sssd.conf.5.xml:726
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -907,19 +1048,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:650
+#: sssd.conf.5.xml:739
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:653
+#: sssd.conf.5.xml:742
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:657
+#: sssd.conf.5.xml:746
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -927,7 +1068,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:664
+#: sssd.conf.5.xml:753
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -935,30 +1076,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:671
+#: sssd.conf.5.xml:760
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:763
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:677
+#: sssd.conf.5.xml:766
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:683
+#: sssd.conf.5.xml:772
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:686
+#: sssd.conf.5.xml:775
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -966,17 +1107,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:692
+#: sssd.conf.5.xml:781
msgid "<quote>permit</quote> always allow access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:695
+#: sssd.conf.5.xml:784
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:698
+#: sssd.conf.5.xml:787
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -985,24 +1126,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:705
+#: sssd.conf.5.xml:794
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:710
+#: sssd.conf.5.xml:799
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:713
+#: sssd.conf.5.xml:802
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:718
+#: sssd.conf.5.xml:807
msgid ""
"<quote>ipa</quote> to change a password stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1010,7 +1151,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:726
+#: sssd.conf.5.xml:815
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1018,7 +1159,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:734
+#: sssd.conf.5.xml:823
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1026,72 +1167,72 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:742
+#: sssd.conf.5.xml:831
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:746
+#: sssd.conf.5.xml:835
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:749
+#: sssd.conf.5.xml:838
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:756
+#: sssd.conf.5.xml:845
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:759
+#: sssd.conf.5.xml:848
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:763
+#: sssd.conf.5.xml:852
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:766
+#: sssd.conf.5.xml:855
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:769
+#: sssd.conf.5.xml:858
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:772
+#: sssd.conf.5.xml:861
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:775
+#: sssd.conf.5.xml:864
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:778
+#: sssd.conf.5.xml:867
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:784
+#: sssd.conf.5.xml:873
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:787
+#: sssd.conf.5.xml:876
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -1099,24 +1240,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:799
+#: sssd.conf.5.xml:888
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:802
+#: sssd.conf.5.xml:891
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:806
+#: sssd.conf.5.xml:895
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:901
+msgid "override_gid (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:904
+msgid "Override the primary GID value with the one specified."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:490
+#: sssd.conf.5.xml:579
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -1124,29 +1275,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:818
+#: sssd.conf.5.xml:916
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:821
+#: sssd.conf.5.xml:919
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:824
+#: sssd.conf.5.xml:922
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:832
+#: sssd.conf.5.xml:930
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:835
+#: sssd.conf.5.xml:933
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -1154,19 +1305,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:814
+#: sssd.conf.5.xml:912
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:847
+#: sssd.conf.5.xml:945
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:849
+#: sssd.conf.5.xml:947
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -1174,73 +1325,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:856
+#: sssd.conf.5.xml:954
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:859
+#: sssd.conf.5.xml:957
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:863
+#: sssd.conf.5.xml:961
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:868
+#: sssd.conf.5.xml:966
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:871
+#: sssd.conf.5.xml:969
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876
+#: sssd.conf.5.xml:974
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:881
+#: sssd.conf.5.xml:979
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:884
+#: sssd.conf.5.xml:982
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:888 sssd.conf.5.xml:900
+#: sssd.conf.5.xml:986 sssd.conf.5.xml:998
msgid "Default: TRUE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:893
+#: sssd.conf.5.xml:991
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:896
+#: sssd.conf.5.xml:994
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:905
+#: sssd.conf.5.xml:1003
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:908
+#: sssd.conf.5.xml:1006
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -1248,17 +1399,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:1014
msgid "Default: 077"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:921
+#: sssd.conf.5.xml:1019
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:1022
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -1267,17 +1418,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:934
+#: sssd.conf.5.xml:1032
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:939
+#: sssd.conf.5.xml:1037
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:942
+#: sssd.conf.5.xml:1040
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -1285,17 +1436,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:949
+#: sssd.conf.5.xml:1047
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:954
+#: sssd.conf.5.xml:1052
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:957
+#: sssd.conf.5.xml:1055
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -1303,18 +1454,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:1061
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:973 sssd-ldap.5.xml:1432 sssd-simple.5.xml:126
-#: sssd-ipa.5.xml:188 sssd-krb5.5.xml:414
+#: sssd.conf.5.xml:1071 sssd-ldap.5.xml:1520 sssd-simple.5.xml:126
+#: sssd-ipa.5.xml:230 sssd-krb5.5.xml:414
msgid "EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:979
+#: sssd.conf.5.xml:1077
#, no-wrap
msgid ""
"[sssd]\n"
@@ -1344,7 +1495,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:975
+#: sssd.conf.5.xml:1073
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -1353,7 +1504,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1010
+#: sssd.conf.5.xml:1108
msgid ""
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</"
"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</"
@@ -1417,21 +1568,42 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:63
msgid ""
-"Specifies the list of URIs of the LDAP servers to which SSSD should connect "
-"in the order of preference. Refer to the <quote>FAILOVER</quote> section for "
-"more information on failover and server redundancy. If not specified, "
-"service discovery is enabled. For more information, refer to the "
-"<quote>SERVICE DISCOVERY</quote> section."
+"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD "
+"should connect in the order of preference. Refer to the <quote>FAILOVER</"
+"quote> section for more information on failover and server redundancy. If "
+"not specified, service discovery is enabled. For more information, refer to "
+"the <quote>SERVICE DISCOVERY</quote> section."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:70
+msgid "The format of the URI must match the format defined in RFC 2732:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:73
-msgid "ldap_chpass_uri (string)"
+msgid "ldap[s]://&lt;host&gt;[:port]"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:76
msgid ""
+"For explicit IPv6 addresses, &lt;host&gt; must be enclosed in brackets []"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:79
+msgid "example: ldap://[fc00::126:25]:389"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:85
+msgid "ldap_chpass_uri (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:88
+msgid ""
"Specifies the list of URIs of the LDAP servers to which SSSD should connect "
"in the order of preference to change the password of a user. Refer to the "
"<quote>FAILOVER</quote> section for more information on failover and server "
@@ -1439,27 +1611,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:83
+#: sssd-ldap.5.xml:95
msgid "To enable service discovery ldap_chpass_dns_service_name must be set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:87
+#: sssd-ldap.5.xml:99
msgid "Default: empty, i.e. ldap_uri is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:93
+#: sssd-ldap.5.xml:105
msgid "ldap_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:96
+#: sssd-ldap.5.xml:108
msgid "The default base DN to use for performing LDAP user operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:100
+#: sssd-ldap.5.xml:112
msgid ""
"Default: If not set the value of the defaultNamingContext or namingContexts "
"attribute from the RootDSE of the LDAP server is used. If "
@@ -1470,12 +1642,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:114
+#: sssd-ldap.5.xml:126
msgid "ldap_schema (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:117
+#: sssd-ldap.5.xml:129
msgid ""
"Specifies the Schema Type in use on the target LDAP server. Depending on "
"the selected schema, the default attribute names retrieved from the servers "
@@ -1489,201 +1661,206 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:136
+#: sssd-ldap.5.xml:148
msgid "Default: rfc2307"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:142
+#: sssd-ldap.5.xml:154
msgid "ldap_default_bind_dn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:145
+#: sssd-ldap.5.xml:157
msgid "The default bind DN to use for performing LDAP operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:152
+#: sssd-ldap.5.xml:164
msgid "ldap_default_authtok_type (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:155
+#: sssd-ldap.5.xml:167
msgid "The type of the authentication token of the default bind DN."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:159
+#: sssd-ldap.5.xml:171
msgid "The two mechanisms currently supported are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:162
+#: sssd-ldap.5.xml:174
msgid "password"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:165
+#: sssd-ldap.5.xml:177
msgid "obfuscated_password"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:180
+msgid "Default: password"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:171
+#: sssd-ldap.5.xml:186
msgid "ldap_default_authtok (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:174
+#: sssd-ldap.5.xml:189
msgid ""
"The authentication token of the default bind DN. Only clear text passwords "
"are currently supported."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:181
+#: sssd-ldap.5.xml:196
msgid "ldap_user_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:184
+#: sssd-ldap.5.xml:199
msgid "The object class of a user entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:187
+#: sssd-ldap.5.xml:202
msgid "Default: posixAccount"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:193
+#: sssd-ldap.5.xml:208
msgid "ldap_user_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:196
+#: sssd-ldap.5.xml:211
msgid "The LDAP attribute that corresponds to the user's login name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:200
+#: sssd-ldap.5.xml:215
msgid "Default: uid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:206
+#: sssd-ldap.5.xml:221
msgid "ldap_user_uid_number (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:209
+#: sssd-ldap.5.xml:224
msgid "The LDAP attribute that corresponds to the user's id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:213
+#: sssd-ldap.5.xml:228
msgid "Default: uidNumber"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:219
+#: sssd-ldap.5.xml:234
msgid "ldap_user_gid_number (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:222
+#: sssd-ldap.5.xml:237
msgid "The LDAP attribute that corresponds to the user's primary group id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:226 sssd-ldap.5.xml:642
+#: sssd-ldap.5.xml:241 sssd-ldap.5.xml:698
msgid "Default: gidNumber"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:232
+#: sssd-ldap.5.xml:247
msgid "ldap_user_gecos (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:235
+#: sssd-ldap.5.xml:250
msgid "The LDAP attribute that corresponds to the user's gecos field."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:239
+#: sssd-ldap.5.xml:254
msgid "Default: gecos"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:245
+#: sssd-ldap.5.xml:260
msgid "ldap_user_home_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:248
+#: sssd-ldap.5.xml:263
msgid "The LDAP attribute that contains the name of the user's home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:252
+#: sssd-ldap.5.xml:267
msgid "Default: homeDirectory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:258
+#: sssd-ldap.5.xml:273
msgid "ldap_user_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:261
+#: sssd-ldap.5.xml:276
msgid "The LDAP attribute that contains the path to the user's default shell."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:265
+#: sssd-ldap.5.xml:280
msgid "Default: loginShell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:271
+#: sssd-ldap.5.xml:286
msgid "ldap_user_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:274
+#: sssd-ldap.5.xml:289
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:278 sssd-ldap.5.xml:668 sssd-ldap.5.xml:761
+#: sssd-ldap.5.xml:293 sssd-ldap.5.xml:724 sssd-ldap.5.xml:817
msgid "Default: nsUniqueId"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:284
+#: sssd-ldap.5.xml:299
msgid "ldap_user_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:287 sssd-ldap.5.xml:677 sssd-ldap.5.xml:770
+#: sssd-ldap.5.xml:302 sssd-ldap.5.xml:733 sssd-ldap.5.xml:826
msgid ""
"The LDAP attribute that contains timestamp of the last modification of the "
"parent object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:291 sssd-ldap.5.xml:681 sssd-ldap.5.xml:774
+#: sssd-ldap.5.xml:306 sssd-ldap.5.xml:737 sssd-ldap.5.xml:830
msgid "Default: modifyTimestamp"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:297
+#: sssd-ldap.5.xml:312
msgid "ldap_user_shadow_last_change (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:300
+#: sssd-ldap.5.xml:315
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -1692,17 +1869,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:310
+#: sssd-ldap.5.xml:325
msgid "Default: shadowLastChange"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:316
+#: sssd-ldap.5.xml:331
msgid "ldap_user_shadow_min (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:319
+#: sssd-ldap.5.xml:334
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -1711,17 +1888,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:328
+#: sssd-ldap.5.xml:343
msgid "Default: shadowMin"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:334
+#: sssd-ldap.5.xml:349
msgid "ldap_user_shadow_max (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:337
+#: sssd-ldap.5.xml:352
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -1730,17 +1907,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:346
+#: sssd-ldap.5.xml:361
msgid "Default: shadowMax"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:352
+#: sssd-ldap.5.xml:367
msgid "ldap_user_shadow_warning (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:355
+#: sssd-ldap.5.xml:370
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -1749,17 +1926,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:365
+#: sssd-ldap.5.xml:380
msgid "Default: shadowWarning"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:371
+#: sssd-ldap.5.xml:386
msgid "ldap_user_shadow_inactive (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:374
+#: sssd-ldap.5.xml:389
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -1768,17 +1945,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:384
+#: sssd-ldap.5.xml:399
msgid "Default: shadowInactive"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:390
+#: sssd-ldap.5.xml:405
msgid "ldap_user_shadow_expire (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:393
+#: sssd-ldap.5.xml:408
msgid ""
"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this "
"parameter contains the name of an LDAP attribute corresponding to its "
@@ -1787,17 +1964,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:403
+#: sssd-ldap.5.xml:418
msgid "Default: shadowExpire"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:409
+#: sssd-ldap.5.xml:424
msgid "ldap_user_krb_last_pwd_change (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:412
+#: sssd-ldap.5.xml:427
msgid ""
"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of "
"an LDAP attribute storing the date and time of last password change in "
@@ -1805,102 +1982,148 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:418
+#: sssd-ldap.5.xml:433
msgid "Default: krbLastPwdChange"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:424
+#: sssd-ldap.5.xml:439
msgid "ldap_user_krb_password_expiration (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:427
+#: sssd-ldap.5.xml:442
msgid ""
"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of "
"an LDAP attribute storing the date and time when current password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:433
+#: sssd-ldap.5.xml:448
msgid "Default: krbPasswordExpiration"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:439
+#: sssd-ldap.5.xml:454
msgid "ldap_user_ad_account_expires (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:442
+#: sssd-ldap.5.xml:457
msgid ""
"When using ldap_account_expire_policy=ad, this parameter contains the name "
"of an LDAP attribute storing the expiration time of the account."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:447
+#: sssd-ldap.5.xml:462
msgid "Default: accountExpires"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:453
+#: sssd-ldap.5.xml:468
msgid "ldap_user_ad_user_account_control (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:456
+#: sssd-ldap.5.xml:471
msgid ""
"When using ldap_account_expire_policy=ad, this parameter contains the name "
"of an LDAP attribute storing the user account control bit field."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:461
+#: sssd-ldap.5.xml:476
msgid "Default: userAccountControl"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:467
+#: sssd-ldap.5.xml:482
msgid "ldap_ns_account_lock (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:470
+#: sssd-ldap.5.xml:485
msgid ""
"When using ldap_account_expire_policy=rhds or equivalent, this parameter "
"determines if access is allowed or not."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:475
+#: sssd-ldap.5.xml:490
msgid "Default: nsAccountLock"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:481
+#: sssd-ldap.5.xml:496
+msgid "ldap_user_nds_login_disabled (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:499
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines if "
+"access is allowed or not."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:503 sssd-ldap.5.xml:517
+msgid "Default: loginDisabled"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:509
+msgid "ldap_user_nds_login_expiration_time (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:512
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines until "
+"which date access is granted."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:523
+msgid "ldap_user_nds_login_allowed_time_map (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:526
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines the "
+"hours of a day in a week when access is granted."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:531
+msgid "Default: loginAllowedTimeMap"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:537
msgid "ldap_user_principal (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:484
+#: sssd-ldap.5.xml:540
msgid ""
"The LDAP attribute that contains the user's Kerberos User Principal Name "
"(UPN)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:488
+#: sssd-ldap.5.xml:544
msgid "Default: krbPrincipalName"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:494
+#: sssd-ldap.5.xml:550
msgid "ldap_force_upper_case_realm (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:497
+#: sssd-ldap.5.xml:553
msgid ""
"Some directory servers, for example Active Directory, might deliver the "
"realm part of the UPN in lower case, which might cause the authentication to "
@@ -1909,35 +2132,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:504 sssd-ldap.5.xml:995 sssd-ipa.5.xml:115 sssd.8.xml:64
+#: sssd-ldap.5.xml:560 sssd-ldap.5.xml:1074 sssd-ipa.5.xml:115 sssd.8.xml:64
#: sssd-krb5.5.xml:235 sssd-krb5.5.xml:266
msgid "Default: false"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:510
+#: sssd-ldap.5.xml:566
msgid "ldap_enumeration_refresh_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:513
+#: sssd-ldap.5.xml:569
msgid ""
"The LDAP attribute that contains how many seconds SSSD has to wait before "
"refreshing its cache of enumerated records."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:518
+#: sssd-ldap.5.xml:574
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:524
+#: sssd-ldap.5.xml:580
msgid "ldap_purge_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:527
+#: sssd-ldap.5.xml:583
msgid ""
"Determine how often to check the cache for inactive entries (such as groups "
"with no members and users who have never logged in) and remove them to save "
@@ -1945,52 +2168,52 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:533
+#: sssd-ldap.5.xml:589
msgid "Setting this option to zero will disable the cache cleanup operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:537
+#: sssd-ldap.5.xml:593
msgid "Default: 10800 (12 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:543
+#: sssd-ldap.5.xml:599
msgid "ldap_user_fullname (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:546
+#: sssd-ldap.5.xml:602
msgid "The LDAP attribute that corresponds to the user's full name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:550 sssd-ldap.5.xml:629 sssd-ldap.5.xml:722
+#: sssd-ldap.5.xml:606 sssd-ldap.5.xml:685 sssd-ldap.5.xml:778
msgid "Default: cn"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:556
+#: sssd-ldap.5.xml:612
msgid "ldap_user_member_of (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:559
+#: sssd-ldap.5.xml:615
msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:563
+#: sssd-ldap.5.xml:619
msgid "Default: memberOf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:569
+#: sssd-ldap.5.xml:625
msgid "ldap_user_authorized_service (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:572
+#: sssd-ldap.5.xml:628
msgid ""
"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will "
"use the presence of the authorizedService attribute in the user's LDAP entry "
@@ -1998,24 +2221,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:579
+#: sssd-ldap.5.xml:635
msgid ""
"An explicit deny (!svc) is resolved first. Second, SSSD searches for "
"explicit allow (svc) and finally for allow_all (*)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:584
+#: sssd-ldap.5.xml:640
msgid "Default: authorizedService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:590
+#: sssd-ldap.5.xml:646
msgid "ldap_user_authorized_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:593
+#: sssd-ldap.5.xml:649
msgid ""
"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
"presence of the host attribute in the user's LDAP entry to determine access "
@@ -2023,89 +2246,89 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:599
+#: sssd-ldap.5.xml:655
msgid ""
"An explicit deny (!host) is resolved first. Second, SSSD searches for "
"explicit allow (host) and finally for allow_all (*)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:604
+#: sssd-ldap.5.xml:660
msgid "Default: host"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:610
+#: sssd-ldap.5.xml:666
msgid "ldap_group_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:613
+#: sssd-ldap.5.xml:669
msgid "The object class of a group entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:616
+#: sssd-ldap.5.xml:672
msgid "Default: posixGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:622
+#: sssd-ldap.5.xml:678
msgid "ldap_group_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:625
+#: sssd-ldap.5.xml:681
msgid "The LDAP attribute that corresponds to the group name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:635
+#: sssd-ldap.5.xml:691
msgid "ldap_group_gid_number (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:638
+#: sssd-ldap.5.xml:694
msgid "The LDAP attribute that corresponds to the group's id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:648
+#: sssd-ldap.5.xml:704
msgid "ldap_group_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:651
+#: sssd-ldap.5.xml:707
msgid "The LDAP attribute that contains the names of the group's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:655
+#: sssd-ldap.5.xml:711
msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:661
+#: sssd-ldap.5.xml:717
msgid "ldap_group_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:664
+#: sssd-ldap.5.xml:720
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:674
+#: sssd-ldap.5.xml:730
msgid "ldap_group_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:687
+#: sssd-ldap.5.xml:743
msgid "ldap_group_nesting_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:690
+#: sssd-ldap.5.xml:746
msgid ""
"If ldap_schema is set to a schema format that supports nested groups (e.g. "
"RFC2307bis), then this option controls how many levels of nesting SSSD will "
@@ -2113,89 +2336,89 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:697
+#: sssd-ldap.5.xml:753
msgid "Default: 2"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:703
+#: sssd-ldap.5.xml:759
msgid "ldap_netgroup_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:706
+#: sssd-ldap.5.xml:762
msgid "The object class of a netgroup entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:709
+#: sssd-ldap.5.xml:765
msgid "Default: nisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:715
+#: sssd-ldap.5.xml:771
msgid "ldap_netgroup_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:718
+#: sssd-ldap.5.xml:774
msgid "The LDAP attribute that corresponds to the netgroup name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:728
+#: sssd-ldap.5.xml:784
msgid "ldap_netgroup_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:731
+#: sssd-ldap.5.xml:787
msgid "The LDAP attribute that contains the names of the netgroup's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:735
+#: sssd-ldap.5.xml:791
msgid "Default: memberNisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:741
+#: sssd-ldap.5.xml:797
msgid "ldap_netgroup_triple (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:744
+#: sssd-ldap.5.xml:800
msgid ""
"The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:748
+#: sssd-ldap.5.xml:804
msgid "Default: nisNetgroupTriple"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:754
+#: sssd-ldap.5.xml:810
msgid "ldap_netgroup_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:757
+#: sssd-ldap.5.xml:813
msgid ""
"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:767
+#: sssd-ldap.5.xml:823
msgid "ldap_netgroup_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:780
+#: sssd-ldap.5.xml:836
msgid "ldap_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:783
+#: sssd-ldap.5.xml:839
msgid ""
"Specifies the timeout (in seconds) that ldap searches are allowed to run "
"before they are cancelled and cached results are returned (and offline mode "
@@ -2203,7 +2426,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:789
+#: sssd-ldap.5.xml:845
msgid ""
"Note: this option is subject to change in future versions of the SSSD. It "
"will likely be replaced at some point by a series of timeouts for specific "
@@ -2211,17 +2434,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:795 sssd-ldap.5.xml:837 sssd-ldap.5.xml:852
+#: sssd-ldap.5.xml:851 sssd-ldap.5.xml:893 sssd-ldap.5.xml:908
msgid "Default: 6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:801
+#: sssd-ldap.5.xml:857
msgid "ldap_enumeration_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:804
+#: sssd-ldap.5.xml:860
msgid ""
"Specifies the timeout (in seconds) that ldap searches for user and group "
"enumerations are allowed to run before they are cancelled and cached results "
@@ -2229,17 +2452,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:811
+#: sssd-ldap.5.xml:867
msgid "Default: 60"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:817
+#: sssd-ldap.5.xml:873
msgid "ldap_network_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:820
+#: sssd-ldap.5.xml:876
msgid ""
"Specifies the timeout (in seconds) after which the <citerefentry> "
"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
@@ -2250,12 +2473,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:843
+#: sssd-ldap.5.xml:899
msgid "ldap_opt_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:846
+#: sssd-ldap.5.xml:902
msgid ""
"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
"will abort if no response is received. Also controls the timeout when "
@@ -2263,43 +2486,65 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:858
+#: sssd-ldap.5.xml:914
msgid "ldap_page_size (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:861
+#: sssd-ldap.5.xml:917
msgid ""
"Specify the number of records to retrieve from LDAP in a single request. "
"Some LDAP servers enforce a maximum limit per-request."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:866
+#: sssd-ldap.5.xml:922
msgid "Default: 1000"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:872
+#: sssd-ldap.5.xml:928
+msgid "ldap_deref_threshold (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:931
+msgid ""
+"Specify the number of group members that must be missing from the internal "
+"cache in order to trigger a dereference lookup. If less members are missing, "
+"they are looked up individually."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:937
+msgid ""
+"A dereference lookup is a means of fetching all group members in a single "
+"LDAP call. Different LDAP servers may implement different dereference "
+"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active "
+"Directory."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:951
msgid "ldap_tls_reqcert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:875
+#: sssd-ldap.5.xml:954
msgid ""
"Specifies what checks to perform on server certificates in a TLS session, if "
"any. It can be specified as one of the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:881
+#: sssd-ldap.5.xml:960
msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:885
+#: sssd-ldap.5.xml:964
msgid ""
"<emphasis>allow</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -2307,7 +2552,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:892
+#: sssd-ldap.5.xml:971
msgid ""
"<emphasis>try</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -2315,7 +2560,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:898
+#: sssd-ldap.5.xml:977
msgid ""
"<emphasis>demand</emphasis> = The server certificate is requested. If no "
"certificate is provided, or a bad certificate is provided, the session is "
@@ -2323,41 +2568,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:904
+#: sssd-ldap.5.xml:983
msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:908
+#: sssd-ldap.5.xml:987
msgid "Default: hard"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:914
+#: sssd-ldap.5.xml:993
msgid "ldap_tls_cacert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:917
+#: sssd-ldap.5.xml:996
msgid ""
"Specifies the file that contains certificates for all of the Certificate "
"Authorities that <command>sssd</command> will recognize."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:922 sssd-ldap.5.xml:940 sssd-ldap.5.xml:981
+#: sssd-ldap.5.xml:1001 sssd-ldap.5.xml:1019 sssd-ldap.5.xml:1060
msgid ""
"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
"conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:929
+#: sssd-ldap.5.xml:1008
msgid "ldap_tls_cacertdir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:932
+#: sssd-ldap.5.xml:1011
msgid ""
"Specifies the path of a directory that contains Certificate Authority "
"certificates in separate individual files. Typically the file names need to "
@@ -2366,38 +2611,38 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:947
+#: sssd-ldap.5.xml:1026
msgid "ldap_tls_cert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:950
+#: sssd-ldap.5.xml:1029
msgid "Specifies the file that contains the certificate for the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:954 sssd-ldap.5.xml:966 sssd-ldap.5.xml:1395
-#: sssd-ldap.5.xml:1418 sssd-krb5.5.xml:356
+#: sssd-ldap.5.xml:1033 sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1483
+#: sssd-ldap.5.xml:1506 sssd-krb5.5.xml:356
msgid "Default: not set"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:960
+#: sssd-ldap.5.xml:1039
msgid "ldap_tls_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:963
+#: sssd-ldap.5.xml:1042
msgid "Specifies the file that contains the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:972
+#: sssd-ldap.5.xml:1051
msgid "ldap_tls_cipher_suite (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:975
+#: sssd-ldap.5.xml:1054
msgid ""
"Specifies acceptable cipher suites. Typically this is a colon sperated "
"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
@@ -2405,73 +2650,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:988
+#: sssd-ldap.5.xml:1067
msgid "ldap_id_use_start_tls (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:991
+#: sssd-ldap.5.xml:1070
msgid ""
"Specifies that the id_provider connection must also use <systemitem class="
"\"protocol\">tls</systemitem> to protect the channel."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1001
+#: sssd-ldap.5.xml:1080
msgid "ldap_sasl_mech (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1004
+#: sssd-ldap.5.xml:1083
msgid ""
"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
"supported."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1136
+#: sssd-ldap.5.xml:1087 sssd-ldap.5.xml:1215
msgid "Default: none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1014
+#: sssd-ldap.5.xml:1093
msgid "ldap_sasl_authid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1017
+#: sssd-ldap.5.xml:1096
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
"represents the Kerberos principal used for authentication to the directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1022
+#: sssd-ldap.5.xml:1101
msgid "Default: host/machine.fqdn@REALM"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1028
+#: sssd-ldap.5.xml:1107
msgid "ldap_krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1031
+#: sssd-ldap.5.xml:1110
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1034
+#: sssd-ldap.5.xml:1113
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1040
+#: sssd-ldap.5.xml:1119
msgid "ldap_krb5_init_creds (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1043
+#: sssd-ldap.5.xml:1122
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -2479,27 +2724,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1055
+#: sssd-ldap.5.xml:1134
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1058
+#: sssd-ldap.5.xml:1137
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1062
+#: sssd-ldap.5.xml:1141
msgid "Default: 86400 (24 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1068 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1147 sssd-krb5.5.xml:74
msgid "krb5_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1071 sssd-krb5.5.xml:77
+#: sssd-ldap.5.xml:1150 sssd-krb5.5.xml:77
msgid ""
"Specifies the list of IP addresses or hostnames of the Kerberos servers to "
"which SSSD should connect in the order of preference. For more information "
@@ -2510,7 +2755,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1083 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1162 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -2518,7 +2763,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1088 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1167 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -2526,41 +2771,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1097 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1176 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1100
+#: sssd-ldap.5.xml:1179
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1103
+#: sssd-ldap.5.xml:1182
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1109
+#: sssd-ldap.5.xml:1188
msgid "ldap_pwd_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1112
+#: sssd-ldap.5.xml:1191
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1117
+#: sssd-ldap.5.xml:1196
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1122
+#: sssd-ldap.5.xml:1201
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -2569,7 +2814,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1130
+#: sssd-ldap.5.xml:1209
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -2577,61 +2822,61 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1142
+#: sssd-ldap.5.xml:1221
msgid "ldap_referrals (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1145
+#: sssd-ldap.5.xml:1224
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1149
+#: sssd-ldap.5.xml:1228
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1160
+#: sssd-ldap.5.xml:1239
msgid "ldap_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1163
+#: sssd-ldap.5.xml:1242
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1167
+#: sssd-ldap.5.xml:1246
msgid "Default: ldap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1173
+#: sssd-ldap.5.xml:1252
msgid "ldap_chpass_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1176
+#: sssd-ldap.5.xml:1255
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1181
+#: sssd-ldap.5.xml:1260
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1187
+#: sssd-ldap.5.xml:1266
msgid "ldap_access_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1190
+#: sssd-ldap.5.xml:1269
msgid ""
"If using access_provider = ldap, this option is mandatory. It specifies an "
"LDAP search filter criteria that must be met for the user to be granted "
@@ -2641,12 +2886,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1200 sssd-ldap.5.xml:1398
+#: sssd-ldap.5.xml:1279 sssd-ldap.5.xml:1486
msgid "Example:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1203
+#: sssd-ldap.5.xml:1282
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -2655,14 +2900,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1207
+#: sssd-ldap.5.xml:1286
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1212
+#: sssd-ldap.5.xml:1291
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -2671,24 +2916,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1220 sssd-ldap.5.xml:1261
+#: sssd-ldap.5.xml:1299 sssd-ldap.5.xml:1349
msgid "Default: Empty"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1226
+#: sssd-ldap.5.xml:1305
msgid "ldap_account_expire_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1229
+#: sssd-ldap.5.xml:1308
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1233
+#: sssd-ldap.5.xml:1312
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -2696,19 +2941,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1240
+#: sssd-ldap.5.xml:1319
msgid "The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1243
+#: sssd-ldap.5.xml:1322
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1248
+#: sssd-ldap.5.xml:1327
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -2717,97 +2962,106 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1255
+#: sssd-ldap.5.xml:1334
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
"allowed or not."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1340
+msgid ""
+"<emphasis>nds</emphasis>: the values of "
+"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
+"ldap_user_nds_login_expiration_time are used to check if access is allowed. "
+"If both attributes are missing access is granted."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1267
+#: sssd-ldap.5.xml:1355
msgid "ldap_access_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1270
+#: sssd-ldap.5.xml:1358
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1274
+#: sssd-ldap.5.xml:1362
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1277
+#: sssd-ldap.5.xml:1365
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1281
+#: sssd-ldap.5.xml:1369
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1286
+#: sssd-ldap.5.xml:1374
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1290
+#: sssd-ldap.5.xml:1378
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1293
+#: sssd-ldap.5.xml:1381
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1300
+#: sssd-ldap.5.xml:1388
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1303
+#: sssd-ldap.5.xml:1391
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1308
+#: sssd-ldap.5.xml:1396
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1312
+#: sssd-ldap.5.xml:1400
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1317
+#: sssd-ldap.5.xml:1405
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1322
+#: sssd-ldap.5.xml:1410
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1327
+#: sssd-ldap.5.xml:1415
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
@@ -2824,60 +3078,60 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1339
+#: sssd-ldap.5.xml:1427
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1346
+#: sssd-ldap.5.xml:1434
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1349
+#: sssd-ldap.5.xml:1437
msgid ""
"An optional base DN to restrict netgroup searches to a specific subtree."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1353 sssd-ldap.5.xml:1367 sssd-ldap.5.xml:1381
+#: sssd-ldap.5.xml:1441 sssd-ldap.5.xml:1455 sssd-ldap.5.xml:1469
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1360
+#: sssd-ldap.5.xml:1448
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1363
+#: sssd-ldap.5.xml:1451
msgid "An optional base DN to restrict user searches to a specific subtree."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1374
+#: sssd-ldap.5.xml:1462
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1377
+#: sssd-ldap.5.xml:1465
msgid "An optional base DN to restrict group searches to a specific subtree."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1388
+#: sssd-ldap.5.xml:1476
msgid "ldap_user_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1391
+#: sssd-ldap.5.xml:1479
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1401
+#: sssd-ldap.5.xml:1489
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -2885,26 +3139,26 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1404
+#: sssd-ldap.5.xml:1492
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1411
+#: sssd-ldap.5.xml:1499
msgid "ldap_group_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1414
+#: sssd-ldap.5.xml:1502
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1341
+#: sssd-ldap.5.xml:1429
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -2912,7 +3166,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1434
+#: sssd-ldap.5.xml:1522
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -2920,7 +3174,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:1440
+#: sssd-ldap.5.xml:1528
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -2934,18 +3188,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1439 sssd-simple.5.xml:134 sssd-ipa.5.xml:196
+#: sssd-ldap.5.xml:1527 sssd-simple.5.xml:134 sssd-ipa.5.xml:238
#: sssd-krb5.5.xml:423
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1453 sssd_krb5_locator_plugin.8.xml:61
+#: sssd-ldap.5.xml:1541 sssd_krb5_locator_plugin.8.xml:61
msgid "NOTES"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1543
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -2954,7 +3208,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1466
+#: sssd-ldap.5.xml:1554
msgid ""
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</"
"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</"
@@ -3456,8 +3710,59 @@ msgid ""
"converted into the base DN to use for performing LDAP operations."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:179
+msgid "ipa_hbac_refresh (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:182
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server. "
+"This will reduce the latency and load on the IPA server if there are many "
+"access-control requests made in a short period."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:189
+msgid "Default: 5 (seconds)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:194
+msgid "ipa_hbac_treat_deny_as (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:197
+msgid ""
+"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
+"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
+"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The "
+"client will support two modes of operation during this transition period:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:206
+msgid ""
+"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
+"users will be denied access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:211
+msgid ""
+"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
+"careful with this option, as it may result in opening unintended access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:216
+msgid "Default: DENY_ALL"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:190
+#: sssd-ipa.5.xml:232
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -3465,7 +3770,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:197
+#: sssd-ipa.5.xml:239
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -3475,7 +3780,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:208
+#: sssd-ipa.5.xml:250
msgid ""
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</"
"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</"
@@ -4020,21 +4325,6 @@ msgstr ""
msgid "krb5_ccname_template (string)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:166
-msgid "%u"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:167
-msgid "login name"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:170
-msgid "%U"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:171
msgid "login UID"
@@ -4070,11 +4360,6 @@ msgstr ""
msgid "home directory"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:188
-msgid "%d"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:189
msgid "value of krb5ccache_dir"
@@ -4090,16 +4375,6 @@ msgstr ""
msgid "the process ID of the sssd client"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:200
-msgid "%%"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:201
-msgid "a literal '%'"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:160
msgid ""
diff --git a/src/man/po/sssd-docs.pot b/src/man/po/sssd-docs.pot
index 3a413ed09..b3b6fb39d 100644
--- a/src/man/po/sssd-docs.pot
+++ b/src/man/po/sssd-docs.pot
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sssd-docs 1.6.0\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-04-27 11:41-0300\n"
+"POT-Creation-Date: 2011-08-02 16:10-0300\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -93,7 +93,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1008 sssd-ldap.5.xml:1464 pam_sss.8.xml:128 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 sssd-ipa.5.xml:206 sssd.8.xml:166 sss_obfuscate.8.xml:103 sss_useradd.8.xml:167 sssd-krb5.5.xml:433 sss_groupadd.8.xml:58 sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 sss_usermod.8.xml:138
+#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1106 sssd-ldap.5.xml:1552 pam_sss.8.xml:128 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 sssd-ipa.5.xml:248 sssd.8.xml:166 sss_obfuscate.8.xml:103 sss_useradd.8.xml:167 sssd-krb5.5.xml:433 sss_groupadd.8.xml:58 sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 sss_usermod.8.xml:138
msgid "SEE ALSO"
msgstr ""
@@ -200,7 +200,7 @@ msgid "The [sssd] section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:70 sssd.conf.5.xml:854
+#: sssd.conf.5.xml:70 sssd.conf.5.xml:952
msgid "Section parameters"
msgstr ""
@@ -414,7 +414,7 @@ msgid "Add a timestamp to the debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1049 sssd-ldap.5.xml:1154 sssd-ipa.5.xml:155
+#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1128 sssd-ldap.5.xml:1233 sssd-ipa.5.xml:155
msgid "Default: true"
msgstr ""
@@ -545,61 +545,202 @@ msgstr ""
msgid "If you want filtered user still be group members set this option to false."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:358
+msgid "override_homedir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:367 sssd-krb5.5.xml:166
+msgid "%u"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:368 sssd-krb5.5.xml:167
+msgid "login name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:371 sssd-krb5.5.xml:170
+msgid "%U"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:372
+msgid "UID number"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:375 sssd-krb5.5.xml:188
+msgid "%d"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:376
+msgid "domain name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:379
+msgid "%f"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:380
+msgid "fully qualified user name (user@domain)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:383 sssd-krb5.5.xml:200
+msgid "%%"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:384 sssd-krb5.5.xml:201
+msgid "a literal '%'"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:361
+msgid ""
+"Override the user's home directory. You can either provide an absolute value "
+"or a template. In the template, the following sequences are substituted: "
+"<placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:390
+msgid "This option can also be set per-domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:395
+msgid "allowed_shells (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:398
+msgid "Restrict user shell to one of the listed values. The order of evaluation is:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:401
+msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:405
+msgid ""
+"2. If the shell is in the allowed_shells list but not in "
+"<quote>/etc/shells</quote>, use the value of the shell_fallback parameter."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:410
+msgid ""
+"3. If the shell is not in the allowed_shells list and not in "
+"<quote>/etc/shells</quote>, a nologin shell is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:415
+msgid "An empty string for shell is passed as-is to libc."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:418
+msgid ""
+"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
+"that a restart of the SSSD is required in case a new shell is installed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:422
+msgid "Default: Not set. The user shell is automatically used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:427
+msgid "vetoed_shells (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:430
+msgid "Replace any instance of these shells with the shell_fallback"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:435
+msgid "shell_fallback (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:438
+msgid ""
+"The default shell to use if an allowed shell is not installed on the "
+"machine."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:442
+msgid "Default: /bin/sh"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:360
+#: sssd.conf.5.xml:449
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:362
+#: sssd.conf.5.xml:451
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:367
+#: sssd.conf.5.xml:456
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:370
+#: sssd.conf.5.xml:459
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:375 sssd.conf.5.xml:388
+#: sssd.conf.5.xml:464 sssd.conf.5.xml:477
msgid "Default: 0 (No limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:381
+#: sssd.conf.5.xml:470
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:384
+#: sssd.conf.5.xml:473
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:394
+#: sssd.conf.5.xml:483
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:397
+#: sssd.conf.5.xml:486
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:402
+#: sssd.conf.5.xml:491
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -607,59 +748,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:408 sssd.conf.5.xml:461 sssd.conf.5.xml:793
+#: sssd.conf.5.xml:497 sssd.conf.5.xml:550 sssd.conf.5.xml:882
msgid "Default: 5"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:414
+#: sssd.conf.5.xml:503
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:417
+#: sssd.conf.5.xml:506
msgid ""
"Controls what kind of messages are shown to the user during "
"authentication. The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:422
+#: sssd.conf.5.xml:511
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:425
+#: sssd.conf.5.xml:514
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:428
+#: sssd.conf.5.xml:517
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:432
+#: sssd.conf.5.xml:521
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:435
+#: sssd.conf.5.xml:524
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:439
+#: sssd.conf.5.xml:528
msgid "Default: 1"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:444
+#: sssd.conf.5.xml:533
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:447
+#: sssd.conf.5.xml:536
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -667,7 +808,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:453
+#: sssd.conf.5.xml:542
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a "
@@ -677,17 +818,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:467
+#: sssd.conf.5.xml:556
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:470
+#: sssd.conf.5.xml:559
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:473
+#: sssd.conf.5.xml:562
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -695,29 +836,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:479
+#: sssd.conf.5.xml:568
msgid "Default: 7"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:488
+#: sssd.conf.5.xml:577
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:495
+#: sssd.conf.5.xml:584
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:498
+#: sssd.conf.5.xml:587
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:503
+#: sssd.conf.5.xml:592
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For "
@@ -726,56 +867,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:510
+#: sssd.conf.5.xml:599
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:516
+#: sssd.conf.5.xml:605
msgid "timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:519
+#: sssd.conf.5.xml:608
msgid ""
"Timeout in seconds between heartbeats for this domain. This is used to "
"ensure that the backend process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:524
+#: sssd.conf.5.xml:613 sssd-ldap.5.xml:945
msgid "Default: 10"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:619
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:533
+#: sssd.conf.5.xml:622
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:537
+#: sssd.conf.5.xml:626
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:540
+#: sssd.conf.5.xml:629
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:543 sssd.conf.5.xml:591 sssd.conf.5.xml:645
+#: sssd.conf.5.xml:632 sssd.conf.5.xml:680 sssd.conf.5.xml:734
msgid "Default: FALSE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:546
+#: sssd.conf.5.xml:635
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -785,14 +926,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:556
+#: sssd.conf.5.xml:645
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:561
+#: sssd.conf.5.xml:650
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -801,39 +942,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:572
+#: sssd.conf.5.xml:661
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:575
+#: sssd.conf.5.xml:664
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:579
+#: sssd.conf.5.xml:668
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:584
+#: sssd.conf.5.xml:673
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:587
+#: sssd.conf.5.xml:676
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:596
+#: sssd.conf.5.xml:685
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:599
+#: sssd.conf.5.xml:688
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -842,47 +983,47 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:606
+#: sssd.conf.5.xml:695
msgid "Default: 0 (unlimited)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:612
+#: sssd.conf.5.xml:701
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:615
+#: sssd.conf.5.xml:704
msgid "The Data Provider identity backend to use for this domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:619
+#: sssd.conf.5.xml:708
msgid "Supported backends:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:622
+#: sssd.conf.5.xml:711
msgid "proxy: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:625
+#: sssd.conf.5.xml:714
msgid "local: SSSD internal local provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:628
+#: sssd.conf.5.xml:717
msgid "ldap: LDAP provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:634
+#: sssd.conf.5.xml:723
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:637
+#: sssd.conf.5.xml:726
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified "
"names. For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -891,19 +1032,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:650
+#: sssd.conf.5.xml:739
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:653
+#: sssd.conf.5.xml:742
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:657
+#: sssd.conf.5.xml:746
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> "
@@ -911,7 +1052,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:664
+#: sssd.conf.5.xml:753
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> "
@@ -919,29 +1060,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:671
+#: sssd.conf.5.xml:760
msgid "<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:763
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:677
+#: sssd.conf.5.xml:766
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:683
+#: sssd.conf.5.xml:772
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:686
+#: sssd.conf.5.xml:775
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -949,17 +1090,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:692
+#: sssd.conf.5.xml:781
msgid "<quote>permit</quote> always allow access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:695
+#: sssd.conf.5.xml:784
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:698
+#: sssd.conf.5.xml:787
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> "
@@ -968,24 +1109,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:705
+#: sssd.conf.5.xml:794
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:710
+#: sssd.conf.5.xml:799
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:713
+#: sssd.conf.5.xml:802
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:718
+#: sssd.conf.5.xml:807
msgid ""
"<quote>ipa</quote> to change a password stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -994,7 +1135,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:726
+#: sssd.conf.5.xml:815
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> "
@@ -1003,7 +1144,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:734
+#: sssd.conf.5.xml:823
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> "
@@ -1011,71 +1152,71 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:742
+#: sssd.conf.5.xml:831
msgid "<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:746
+#: sssd.conf.5.xml:835
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:749
+#: sssd.conf.5.xml:838
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:756
+#: sssd.conf.5.xml:845
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:759
+#: sssd.conf.5.xml:848
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:763
+#: sssd.conf.5.xml:852
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:766
+#: sssd.conf.5.xml:855
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:769
+#: sssd.conf.5.xml:858
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:772
+#: sssd.conf.5.xml:861
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:775
+#: sssd.conf.5.xml:864
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:778
+#: sssd.conf.5.xml:867
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:784
+#: sssd.conf.5.xml:873
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:787
+#: sssd.conf.5.xml:876
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -1083,24 +1224,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:799
+#: sssd.conf.5.xml:888
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:802
+#: sssd.conf.5.xml:891
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:806
+#: sssd.conf.5.xml:895
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:901
+msgid "override_gid (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:904
+msgid "Override the primary GID value with the one specified."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:490
+#: sssd.conf.5.xml:579
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called "
@@ -1109,29 +1260,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:818
+#: sssd.conf.5.xml:916
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:821
+#: sssd.conf.5.xml:919
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:824
+#: sssd.conf.5.xml:922
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:832
+#: sssd.conf.5.xml:930
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:835
+#: sssd.conf.5.xml:933
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -1139,19 +1290,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:814
+#: sssd.conf.5.xml:912
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" "
"id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:847
+#: sssd.conf.5.xml:945
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:849
+#: sssd.conf.5.xml:947
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -1159,73 +1310,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:856
+#: sssd.conf.5.xml:954
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:859
+#: sssd.conf.5.xml:957
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:863
+#: sssd.conf.5.xml:961
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:868
+#: sssd.conf.5.xml:966
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:871
+#: sssd.conf.5.xml:969
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876
+#: sssd.conf.5.xml:974
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:881
+#: sssd.conf.5.xml:979
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:884
+#: sssd.conf.5.xml:982
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:888 sssd.conf.5.xml:900
+#: sssd.conf.5.xml:986 sssd.conf.5.xml:998
msgid "Default: TRUE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:893
+#: sssd.conf.5.xml:991
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:896
+#: sssd.conf.5.xml:994
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:905
+#: sssd.conf.5.xml:1003
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:908
+#: sssd.conf.5.xml:1006
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -1233,17 +1384,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:1014
msgid "Default: 077"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:921
+#: sssd.conf.5.xml:1019
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:1022
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -1252,17 +1403,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:934
+#: sssd.conf.5.xml:1032
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:939
+#: sssd.conf.5.xml:1037
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:942
+#: sssd.conf.5.xml:1040
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -1270,17 +1421,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:949
+#: sssd.conf.5.xml:1047
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:954
+#: sssd.conf.5.xml:1052
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:957
+#: sssd.conf.5.xml:1055
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -1288,17 +1439,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:1061
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:973 sssd-ldap.5.xml:1432 sssd-simple.5.xml:126 sssd-ipa.5.xml:188 sssd-krb5.5.xml:414
+#: sssd.conf.5.xml:1071 sssd-ldap.5.xml:1520 sssd-simple.5.xml:126 sssd-ipa.5.xml:230 sssd-krb5.5.xml:414
msgid "EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:979
+#: sssd.conf.5.xml:1077
#, no-wrap
msgid ""
"[sssd]\n"
@@ -1328,7 +1479,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:975
+#: sssd.conf.5.xml:1073
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -1337,7 +1488,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1010
+#: sssd.conf.5.xml:1108
msgid ""
"<citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> "
@@ -1406,20 +1557,40 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:63
msgid ""
-"Specifies the list of URIs of the LDAP servers to which SSSD should connect "
-"in the order of preference. Refer to the <quote>FAILOVER</quote> section for "
-"more information on failover and server redundancy. If not specified, "
-"service discovery is enabled. For more information, refer to the "
-"<quote>SERVICE DISCOVERY</quote> section."
+"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD "
+"should connect in the order of preference. Refer to the "
+"<quote>FAILOVER</quote> section for more information on failover and server "
+"redundancy. If not specified, service discovery is enabled. For more "
+"information, refer to the <quote>SERVICE DISCOVERY</quote> section."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:70
+msgid "The format of the URI must match the format defined in RFC 2732:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:73
-msgid "ldap_chpass_uri (string)"
+msgid "ldap[s]://&lt;host&gt;[:port]"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:76
+msgid "For explicit IPv6 addresses, &lt;host&gt; must be enclosed in brackets []"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:79
+msgid "example: ldap://[fc00::126:25]:389"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:85
+msgid "ldap_chpass_uri (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:88
msgid ""
"Specifies the list of URIs of the LDAP servers to which SSSD should connect "
"in the order of preference to change the password of a user. Refer to the "
@@ -1428,27 +1599,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:83
+#: sssd-ldap.5.xml:95
msgid "To enable service discovery ldap_chpass_dns_service_name must be set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:87
+#: sssd-ldap.5.xml:99
msgid "Default: empty, i.e. ldap_uri is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:93
+#: sssd-ldap.5.xml:105
msgid "ldap_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:96
+#: sssd-ldap.5.xml:108
msgid "The default base DN to use for performing LDAP user operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:100
+#: sssd-ldap.5.xml:112
msgid ""
"Default: If not set the value of the defaultNamingContext or namingContexts "
"attribute from the RootDSE of the LDAP server is used. If "
@@ -1459,12 +1630,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:114
+#: sssd-ldap.5.xml:126
msgid "ldap_schema (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:117
+#: sssd-ldap.5.xml:129
msgid ""
"Specifies the Schema Type in use on the target LDAP server. Depending on "
"the selected schema, the default attribute names retrieved from the servers "
@@ -1478,201 +1649,206 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:136
+#: sssd-ldap.5.xml:148
msgid "Default: rfc2307"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:142
+#: sssd-ldap.5.xml:154
msgid "ldap_default_bind_dn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:145
+#: sssd-ldap.5.xml:157
msgid "The default bind DN to use for performing LDAP operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:152
+#: sssd-ldap.5.xml:164
msgid "ldap_default_authtok_type (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:155
+#: sssd-ldap.5.xml:167
msgid "The type of the authentication token of the default bind DN."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:159
+#: sssd-ldap.5.xml:171
msgid "The two mechanisms currently supported are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:162
+#: sssd-ldap.5.xml:174
msgid "password"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:165
+#: sssd-ldap.5.xml:177
msgid "obfuscated_password"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:180
+msgid "Default: password"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:171
+#: sssd-ldap.5.xml:186
msgid "ldap_default_authtok (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:174
+#: sssd-ldap.5.xml:189
msgid ""
"The authentication token of the default bind DN. Only clear text passwords "
"are currently supported."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:181
+#: sssd-ldap.5.xml:196
msgid "ldap_user_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:184
+#: sssd-ldap.5.xml:199
msgid "The object class of a user entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:187
+#: sssd-ldap.5.xml:202
msgid "Default: posixAccount"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:193
+#: sssd-ldap.5.xml:208
msgid "ldap_user_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:196
+#: sssd-ldap.5.xml:211
msgid "The LDAP attribute that corresponds to the user's login name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:200
+#: sssd-ldap.5.xml:215
msgid "Default: uid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:206
+#: sssd-ldap.5.xml:221
msgid "ldap_user_uid_number (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:209
+#: sssd-ldap.5.xml:224
msgid "The LDAP attribute that corresponds to the user's id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:213
+#: sssd-ldap.5.xml:228
msgid "Default: uidNumber"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:219
+#: sssd-ldap.5.xml:234
msgid "ldap_user_gid_number (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:222
+#: sssd-ldap.5.xml:237
msgid "The LDAP attribute that corresponds to the user's primary group id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:226 sssd-ldap.5.xml:642
+#: sssd-ldap.5.xml:241 sssd-ldap.5.xml:698
msgid "Default: gidNumber"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:232
+#: sssd-ldap.5.xml:247
msgid "ldap_user_gecos (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:235
+#: sssd-ldap.5.xml:250
msgid "The LDAP attribute that corresponds to the user's gecos field."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:239
+#: sssd-ldap.5.xml:254
msgid "Default: gecos"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:245
+#: sssd-ldap.5.xml:260
msgid "ldap_user_home_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:248
+#: sssd-ldap.5.xml:263
msgid "The LDAP attribute that contains the name of the user's home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:252
+#: sssd-ldap.5.xml:267
msgid "Default: homeDirectory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:258
+#: sssd-ldap.5.xml:273
msgid "ldap_user_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:261
+#: sssd-ldap.5.xml:276
msgid "The LDAP attribute that contains the path to the user's default shell."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:265
+#: sssd-ldap.5.xml:280
msgid "Default: loginShell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:271
+#: sssd-ldap.5.xml:286
msgid "ldap_user_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:274
+#: sssd-ldap.5.xml:289
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:278 sssd-ldap.5.xml:668 sssd-ldap.5.xml:761
+#: sssd-ldap.5.xml:293 sssd-ldap.5.xml:724 sssd-ldap.5.xml:817
msgid "Default: nsUniqueId"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:284
+#: sssd-ldap.5.xml:299
msgid "ldap_user_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:287 sssd-ldap.5.xml:677 sssd-ldap.5.xml:770
+#: sssd-ldap.5.xml:302 sssd-ldap.5.xml:733 sssd-ldap.5.xml:826
msgid ""
"The LDAP attribute that contains timestamp of the last modification of the "
"parent object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:291 sssd-ldap.5.xml:681 sssd-ldap.5.xml:774
+#: sssd-ldap.5.xml:306 sssd-ldap.5.xml:737 sssd-ldap.5.xml:830
msgid "Default: modifyTimestamp"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:297
+#: sssd-ldap.5.xml:312
msgid "ldap_user_shadow_last_change (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:300
+#: sssd-ldap.5.xml:315
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> "
@@ -1681,17 +1857,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:310
+#: sssd-ldap.5.xml:325
msgid "Default: shadowLastChange"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:316
+#: sssd-ldap.5.xml:331
msgid "ldap_user_shadow_min (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:319
+#: sssd-ldap.5.xml:334
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> "
@@ -1700,17 +1876,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:328
+#: sssd-ldap.5.xml:343
msgid "Default: shadowMin"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:334
+#: sssd-ldap.5.xml:349
msgid "ldap_user_shadow_max (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:337
+#: sssd-ldap.5.xml:352
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> "
@@ -1719,17 +1895,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:346
+#: sssd-ldap.5.xml:361
msgid "Default: shadowMax"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:352
+#: sssd-ldap.5.xml:367
msgid "ldap_user_shadow_warning (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:355
+#: sssd-ldap.5.xml:370
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> "
@@ -1738,17 +1914,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:365
+#: sssd-ldap.5.xml:380
msgid "Default: shadowWarning"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:371
+#: sssd-ldap.5.xml:386
msgid "ldap_user_shadow_inactive (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:374
+#: sssd-ldap.5.xml:389
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> "
@@ -1757,17 +1933,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:384
+#: sssd-ldap.5.xml:399
msgid "Default: shadowInactive"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:390
+#: sssd-ldap.5.xml:405
msgid "ldap_user_shadow_expire (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:393
+#: sssd-ldap.5.xml:408
msgid ""
"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this "
"parameter contains the name of an LDAP attribute corresponding to its "
@@ -1777,17 +1953,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:403
+#: sssd-ldap.5.xml:418
msgid "Default: shadowExpire"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:409
+#: sssd-ldap.5.xml:424
msgid "ldap_user_krb_last_pwd_change (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:412
+#: sssd-ldap.5.xml:427
msgid ""
"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of "
"an LDAP attribute storing the date and time of last password change in "
@@ -1795,102 +1971,148 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:418
+#: sssd-ldap.5.xml:433
msgid "Default: krbLastPwdChange"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:424
+#: sssd-ldap.5.xml:439
msgid "ldap_user_krb_password_expiration (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:427
+#: sssd-ldap.5.xml:442
msgid ""
"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of "
"an LDAP attribute storing the date and time when current password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:433
+#: sssd-ldap.5.xml:448
msgid "Default: krbPasswordExpiration"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:439
+#: sssd-ldap.5.xml:454
msgid "ldap_user_ad_account_expires (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:442
+#: sssd-ldap.5.xml:457
msgid ""
"When using ldap_account_expire_policy=ad, this parameter contains the name "
"of an LDAP attribute storing the expiration time of the account."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:447
+#: sssd-ldap.5.xml:462
msgid "Default: accountExpires"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:453
+#: sssd-ldap.5.xml:468
msgid "ldap_user_ad_user_account_control (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:456
+#: sssd-ldap.5.xml:471
msgid ""
"When using ldap_account_expire_policy=ad, this parameter contains the name "
"of an LDAP attribute storing the user account control bit field."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:461
+#: sssd-ldap.5.xml:476
msgid "Default: userAccountControl"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:467
+#: sssd-ldap.5.xml:482
msgid "ldap_ns_account_lock (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:470
+#: sssd-ldap.5.xml:485
msgid ""
"When using ldap_account_expire_policy=rhds or equivalent, this parameter "
"determines if access is allowed or not."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:475
+#: sssd-ldap.5.xml:490
msgid "Default: nsAccountLock"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:481
+#: sssd-ldap.5.xml:496
+msgid "ldap_user_nds_login_disabled (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:499
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines if "
+"access is allowed or not."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:503 sssd-ldap.5.xml:517
+msgid "Default: loginDisabled"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:509
+msgid "ldap_user_nds_login_expiration_time (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:512
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines until "
+"which date access is granted."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:523
+msgid "ldap_user_nds_login_allowed_time_map (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:526
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines the "
+"hours of a day in a week when access is granted."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:531
+msgid "Default: loginAllowedTimeMap"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:537
msgid "ldap_user_principal (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:484
+#: sssd-ldap.5.xml:540
msgid ""
"The LDAP attribute that contains the user's Kerberos User Principal Name "
"(UPN)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:488
+#: sssd-ldap.5.xml:544
msgid "Default: krbPrincipalName"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:494
+#: sssd-ldap.5.xml:550
msgid "ldap_force_upper_case_realm (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:497
+#: sssd-ldap.5.xml:553
msgid ""
"Some directory servers, for example Active Directory, might deliver the "
"realm part of the UPN in lower case, which might cause the authentication to "
@@ -1899,34 +2121,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:504 sssd-ldap.5.xml:995 sssd-ipa.5.xml:115 sssd.8.xml:64 sssd-krb5.5.xml:235 sssd-krb5.5.xml:266
+#: sssd-ldap.5.xml:560 sssd-ldap.5.xml:1074 sssd-ipa.5.xml:115 sssd.8.xml:64 sssd-krb5.5.xml:235 sssd-krb5.5.xml:266
msgid "Default: false"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:510
+#: sssd-ldap.5.xml:566
msgid "ldap_enumeration_refresh_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:513
+#: sssd-ldap.5.xml:569
msgid ""
"The LDAP attribute that contains how many seconds SSSD has to wait before "
"refreshing its cache of enumerated records."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:518
+#: sssd-ldap.5.xml:574
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:524
+#: sssd-ldap.5.xml:580
msgid "ldap_purge_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:527
+#: sssd-ldap.5.xml:583
msgid ""
"Determine how often to check the cache for inactive entries (such as groups "
"with no members and users who have never logged in) and remove them to save "
@@ -1934,52 +2156,52 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:533
+#: sssd-ldap.5.xml:589
msgid "Setting this option to zero will disable the cache cleanup operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:537
+#: sssd-ldap.5.xml:593
msgid "Default: 10800 (12 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:543
+#: sssd-ldap.5.xml:599
msgid "ldap_user_fullname (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:546
+#: sssd-ldap.5.xml:602
msgid "The LDAP attribute that corresponds to the user's full name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:550 sssd-ldap.5.xml:629 sssd-ldap.5.xml:722
+#: sssd-ldap.5.xml:606 sssd-ldap.5.xml:685 sssd-ldap.5.xml:778
msgid "Default: cn"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:556
+#: sssd-ldap.5.xml:612
msgid "ldap_user_member_of (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:559
+#: sssd-ldap.5.xml:615
msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:563
+#: sssd-ldap.5.xml:619
msgid "Default: memberOf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:569
+#: sssd-ldap.5.xml:625
msgid "ldap_user_authorized_service (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:572
+#: sssd-ldap.5.xml:628
msgid ""
"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will "
"use the presence of the authorizedService attribute in the user's LDAP entry "
@@ -1987,24 +2209,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:579
+#: sssd-ldap.5.xml:635
msgid ""
"An explicit deny (!svc) is resolved first. Second, SSSD searches for "
"explicit allow (svc) and finally for allow_all (*)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:584
+#: sssd-ldap.5.xml:640
msgid "Default: authorizedService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:590
+#: sssd-ldap.5.xml:646
msgid "ldap_user_authorized_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:593
+#: sssd-ldap.5.xml:649
msgid ""
"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
"presence of the host attribute in the user's LDAP entry to determine access "
@@ -2012,89 +2234,89 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:599
+#: sssd-ldap.5.xml:655
msgid ""
"An explicit deny (!host) is resolved first. Second, SSSD searches for "
"explicit allow (host) and finally for allow_all (*)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:604
+#: sssd-ldap.5.xml:660
msgid "Default: host"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:610
+#: sssd-ldap.5.xml:666
msgid "ldap_group_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:613
+#: sssd-ldap.5.xml:669
msgid "The object class of a group entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:616
+#: sssd-ldap.5.xml:672
msgid "Default: posixGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:622
+#: sssd-ldap.5.xml:678
msgid "ldap_group_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:625
+#: sssd-ldap.5.xml:681
msgid "The LDAP attribute that corresponds to the group name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:635
+#: sssd-ldap.5.xml:691
msgid "ldap_group_gid_number (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:638
+#: sssd-ldap.5.xml:694
msgid "The LDAP attribute that corresponds to the group's id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:648
+#: sssd-ldap.5.xml:704
msgid "ldap_group_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:651
+#: sssd-ldap.5.xml:707
msgid "The LDAP attribute that contains the names of the group's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:655
+#: sssd-ldap.5.xml:711
msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:661
+#: sssd-ldap.5.xml:717
msgid "ldap_group_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:664
+#: sssd-ldap.5.xml:720
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:674
+#: sssd-ldap.5.xml:730
msgid "ldap_group_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:687
+#: sssd-ldap.5.xml:743
msgid "ldap_group_nesting_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:690
+#: sssd-ldap.5.xml:746
msgid ""
"If ldap_schema is set to a schema format that supports nested groups "
"(e.g. RFC2307bis), then this option controls how many levels of nesting SSSD "
@@ -2102,87 +2324,87 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:697
+#: sssd-ldap.5.xml:753
msgid "Default: 2"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:703
+#: sssd-ldap.5.xml:759
msgid "ldap_netgroup_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:706
+#: sssd-ldap.5.xml:762
msgid "The object class of a netgroup entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:709
+#: sssd-ldap.5.xml:765
msgid "Default: nisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:715
+#: sssd-ldap.5.xml:771
msgid "ldap_netgroup_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:718
+#: sssd-ldap.5.xml:774
msgid "The LDAP attribute that corresponds to the netgroup name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:728
+#: sssd-ldap.5.xml:784
msgid "ldap_netgroup_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:731
+#: sssd-ldap.5.xml:787
msgid "The LDAP attribute that contains the names of the netgroup's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:735
+#: sssd-ldap.5.xml:791
msgid "Default: memberNisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:741
+#: sssd-ldap.5.xml:797
msgid "ldap_netgroup_triple (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:744
+#: sssd-ldap.5.xml:800
msgid "The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:748
+#: sssd-ldap.5.xml:804
msgid "Default: nisNetgroupTriple"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:754
+#: sssd-ldap.5.xml:810
msgid "ldap_netgroup_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:757
+#: sssd-ldap.5.xml:813
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:767
+#: sssd-ldap.5.xml:823
msgid "ldap_netgroup_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:780
+#: sssd-ldap.5.xml:836
msgid "ldap_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:783
+#: sssd-ldap.5.xml:839
msgid ""
"Specifies the timeout (in seconds) that ldap searches are allowed to run "
"before they are cancelled and cached results are returned (and offline mode "
@@ -2190,7 +2412,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:789
+#: sssd-ldap.5.xml:845
msgid ""
"Note: this option is subject to change in future versions of the SSSD. It "
"will likely be replaced at some point by a series of timeouts for specific "
@@ -2198,17 +2420,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:795 sssd-ldap.5.xml:837 sssd-ldap.5.xml:852
+#: sssd-ldap.5.xml:851 sssd-ldap.5.xml:893 sssd-ldap.5.xml:908
msgid "Default: 6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:801
+#: sssd-ldap.5.xml:857
msgid "ldap_enumeration_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:804
+#: sssd-ldap.5.xml:860
msgid ""
"Specifies the timeout (in seconds) that ldap searches for user and group "
"enumerations are allowed to run before they are cancelled and cached results "
@@ -2216,17 +2438,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:811
+#: sssd-ldap.5.xml:867
msgid "Default: 60"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:817
+#: sssd-ldap.5.xml:873
msgid "ldap_network_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:820
+#: sssd-ldap.5.xml:876
msgid ""
"Specifies the timeout (in seconds) after which the <citerefentry> "
"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> "
@@ -2237,12 +2459,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:843
+#: sssd-ldap.5.xml:899
msgid "ldap_opt_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:846
+#: sssd-ldap.5.xml:902
msgid ""
"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
"will abort if no response is received. Also controls the timeout when "
@@ -2250,43 +2472,65 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:858
+#: sssd-ldap.5.xml:914
msgid "ldap_page_size (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:861
+#: sssd-ldap.5.xml:917
msgid ""
"Specify the number of records to retrieve from LDAP in a single "
"request. Some LDAP servers enforce a maximum limit per-request."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:866
+#: sssd-ldap.5.xml:922
msgid "Default: 1000"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:872
+#: sssd-ldap.5.xml:928
+msgid "ldap_deref_threshold (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:931
+msgid ""
+"Specify the number of group members that must be missing from the internal "
+"cache in order to trigger a dereference lookup. If less members are missing, "
+"they are looked up individually."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:937
+msgid ""
+"A dereference lookup is a means of fetching all group members in a single "
+"LDAP call. Different LDAP servers may implement different dereference "
+"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active "
+"Directory."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:951
msgid "ldap_tls_reqcert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:875
+#: sssd-ldap.5.xml:954
msgid ""
"Specifies what checks to perform on server certificates in a TLS session, if "
"any. It can be specified as one of the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:881
+#: sssd-ldap.5.xml:960
msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:885
+#: sssd-ldap.5.xml:964
msgid ""
"<emphasis>allow</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -2294,7 +2538,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:892
+#: sssd-ldap.5.xml:971
msgid ""
"<emphasis>try</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -2302,7 +2546,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:898
+#: sssd-ldap.5.xml:977
msgid ""
"<emphasis>demand</emphasis> = The server certificate is requested. If no "
"certificate is provided, or a bad certificate is provided, the session is "
@@ -2310,41 +2554,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:904
+#: sssd-ldap.5.xml:983
msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:908
+#: sssd-ldap.5.xml:987
msgid "Default: hard"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:914
+#: sssd-ldap.5.xml:993
msgid "ldap_tls_cacert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:917
+#: sssd-ldap.5.xml:996
msgid ""
"Specifies the file that contains certificates for all of the Certificate "
"Authorities that <command>sssd</command> will recognize."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:922 sssd-ldap.5.xml:940 sssd-ldap.5.xml:981
+#: sssd-ldap.5.xml:1001 sssd-ldap.5.xml:1019 sssd-ldap.5.xml:1060
msgid ""
"Default: use OpenLDAP defaults, typically in "
"<filename>/etc/openldap/ldap.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:929
+#: sssd-ldap.5.xml:1008
msgid "ldap_tls_cacertdir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:932
+#: sssd-ldap.5.xml:1011
msgid ""
"Specifies the path of a directory that contains Certificate Authority "
"certificates in separate individual files. Typically the file names need to "
@@ -2353,37 +2597,37 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:947
+#: sssd-ldap.5.xml:1026
msgid "ldap_tls_cert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:950
+#: sssd-ldap.5.xml:1029
msgid "Specifies the file that contains the certificate for the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:954 sssd-ldap.5.xml:966 sssd-ldap.5.xml:1395 sssd-ldap.5.xml:1418 sssd-krb5.5.xml:356
+#: sssd-ldap.5.xml:1033 sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1483 sssd-ldap.5.xml:1506 sssd-krb5.5.xml:356
msgid "Default: not set"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:960
+#: sssd-ldap.5.xml:1039
msgid "ldap_tls_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:963
+#: sssd-ldap.5.xml:1042
msgid "Specifies the file that contains the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:972
+#: sssd-ldap.5.xml:1051
msgid "ldap_tls_cipher_suite (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:975
+#: sssd-ldap.5.xml:1054
msgid ""
"Specifies acceptable cipher suites. Typically this is a colon sperated "
"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
@@ -2391,73 +2635,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:988
+#: sssd-ldap.5.xml:1067
msgid "ldap_id_use_start_tls (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:991
+#: sssd-ldap.5.xml:1070
msgid ""
"Specifies that the id_provider connection must also use <systemitem "
"class=\"protocol\">tls</systemitem> to protect the channel."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1001
+#: sssd-ldap.5.xml:1080
msgid "ldap_sasl_mech (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1004
+#: sssd-ldap.5.xml:1083
msgid ""
"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
"supported."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1136
+#: sssd-ldap.5.xml:1087 sssd-ldap.5.xml:1215
msgid "Default: none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1014
+#: sssd-ldap.5.xml:1093
msgid "ldap_sasl_authid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1017
+#: sssd-ldap.5.xml:1096
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
"represents the Kerberos principal used for authentication to the directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1022
+#: sssd-ldap.5.xml:1101
msgid "Default: host/machine.fqdn@REALM"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1028
+#: sssd-ldap.5.xml:1107
msgid "ldap_krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1031
+#: sssd-ldap.5.xml:1110
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1034
+#: sssd-ldap.5.xml:1113
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1040
+#: sssd-ldap.5.xml:1119
msgid "ldap_krb5_init_creds (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1043
+#: sssd-ldap.5.xml:1122
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -2465,27 +2709,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1055
+#: sssd-ldap.5.xml:1134
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1058
+#: sssd-ldap.5.xml:1137
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1062
+#: sssd-ldap.5.xml:1141
msgid "Default: 86400 (24 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1068 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1147 sssd-krb5.5.xml:74
msgid "krb5_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1071 sssd-krb5.5.xml:77
+#: sssd-ldap.5.xml:1150 sssd-krb5.5.xml:77
msgid ""
"Specifies the list of IP addresses or hostnames of the Kerberos servers to "
"which SSSD should connect in the order of preference. For more information "
@@ -2496,7 +2740,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1083 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1162 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -2504,7 +2748,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1088 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1167 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of "
"SSSD. While the legacy name is recognized for the time being, users are "
@@ -2513,41 +2757,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1097 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1176 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1100
+#: sssd-ldap.5.xml:1179
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1103
+#: sssd-ldap.5.xml:1182
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1109
+#: sssd-ldap.5.xml:1188
msgid "ldap_pwd_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1112
+#: sssd-ldap.5.xml:1191
msgid ""
"Select the policy to evaluate the password expiration on the client "
"side. The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1117
+#: sssd-ldap.5.xml:1196
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1122
+#: sssd-ldap.5.xml:1201
msgid ""
"<emphasis>shadow</emphasis> - Use "
"<citerefentry><refentrytitle>shadow</refentrytitle> "
@@ -2557,7 +2801,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1130
+#: sssd-ldap.5.xml:1209
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -2565,61 +2809,61 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1142
+#: sssd-ldap.5.xml:1221
msgid "ldap_referrals (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1145
+#: sssd-ldap.5.xml:1224
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1149
+#: sssd-ldap.5.xml:1228
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1160
+#: sssd-ldap.5.xml:1239
msgid "ldap_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1163
+#: sssd-ldap.5.xml:1242
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1167
+#: sssd-ldap.5.xml:1246
msgid "Default: ldap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1173
+#: sssd-ldap.5.xml:1252
msgid "ldap_chpass_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1176
+#: sssd-ldap.5.xml:1255
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1181
+#: sssd-ldap.5.xml:1260
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1187
+#: sssd-ldap.5.xml:1266
msgid "ldap_access_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1190
+#: sssd-ldap.5.xml:1269
msgid ""
"If using access_provider = ldap, this option is mandatory. It specifies an "
"LDAP search filter criteria that must be met for the user to be granted "
@@ -2629,12 +2873,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1200 sssd-ldap.5.xml:1398
+#: sssd-ldap.5.xml:1279 sssd-ldap.5.xml:1486
msgid "Example:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1203
+#: sssd-ldap.5.xml:1282
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -2643,14 +2887,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1207
+#: sssd-ldap.5.xml:1286
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1212
+#: sssd-ldap.5.xml:1291
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -2659,24 +2903,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1220 sssd-ldap.5.xml:1261
+#: sssd-ldap.5.xml:1299 sssd-ldap.5.xml:1349
msgid "Default: Empty"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1226
+#: sssd-ldap.5.xml:1305
msgid "ldap_account_expire_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1229
+#: sssd-ldap.5.xml:1308
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1233
+#: sssd-ldap.5.xml:1312
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -2684,19 +2928,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1240
+#: sssd-ldap.5.xml:1319
msgid "The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1243
+#: sssd-ldap.5.xml:1322
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1248
+#: sssd-ldap.5.xml:1327
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -2705,97 +2949,106 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1255
+#: sssd-ldap.5.xml:1334
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, "
"<emphasis>389ds</emphasis>: use the value of ldap_ns_account_lock to check "
"if access is allowed or not."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1340
+msgid ""
+"<emphasis>nds</emphasis>: the values of "
+"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
+"ldap_user_nds_login_expiration_time are used to check if access is "
+"allowed. If both attributes are missing access is granted."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1267
+#: sssd-ldap.5.xml:1355
msgid "ldap_access_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1270
+#: sssd-ldap.5.xml:1358
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1274
+#: sssd-ldap.5.xml:1362
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1277
+#: sssd-ldap.5.xml:1365
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1281
+#: sssd-ldap.5.xml:1369
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1286
+#: sssd-ldap.5.xml:1374
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1290
+#: sssd-ldap.5.xml:1378
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1293
+#: sssd-ldap.5.xml:1381
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1300
+#: sssd-ldap.5.xml:1388
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1303
+#: sssd-ldap.5.xml:1391
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1308
+#: sssd-ldap.5.xml:1396
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1312
+#: sssd-ldap.5.xml:1400
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1317
+#: sssd-ldap.5.xml:1405
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1322
+#: sssd-ldap.5.xml:1410
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1327
+#: sssd-ldap.5.xml:1415
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
@@ -2812,59 +3065,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1339
+#: sssd-ldap.5.xml:1427
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1346
+#: sssd-ldap.5.xml:1434
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1349
+#: sssd-ldap.5.xml:1437
msgid "An optional base DN to restrict netgroup searches to a specific subtree."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1353 sssd-ldap.5.xml:1367 sssd-ldap.5.xml:1381
+#: sssd-ldap.5.xml:1441 sssd-ldap.5.xml:1455 sssd-ldap.5.xml:1469
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1360
+#: sssd-ldap.5.xml:1448
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1363
+#: sssd-ldap.5.xml:1451
msgid "An optional base DN to restrict user searches to a specific subtree."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1374
+#: sssd-ldap.5.xml:1462
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1377
+#: sssd-ldap.5.xml:1465
msgid "An optional base DN to restrict group searches to a specific subtree."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1388
+#: sssd-ldap.5.xml:1476
msgid "ldap_user_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1391
+#: sssd-ldap.5.xml:1479
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1401
+#: sssd-ldap.5.xml:1489
#, no-wrap
msgid ""
" ldap_user_search_filter = "
@@ -2873,26 +3126,26 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1404
+#: sssd-ldap.5.xml:1492
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1411
+#: sssd-ldap.5.xml:1499
msgid "ldap_group_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1414
+#: sssd-ldap.5.xml:1502
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1341
+#: sssd-ldap.5.xml:1429
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -2900,7 +3153,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1434
+#: sssd-ldap.5.xml:1522
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -2908,7 +3161,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:1440
+#: sssd-ldap.5.xml:1528
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -2922,17 +3175,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1439 sssd-simple.5.xml:134 sssd-ipa.5.xml:196 sssd-krb5.5.xml:423
+#: sssd-ldap.5.xml:1527 sssd-simple.5.xml:134 sssd-ipa.5.xml:238 sssd-krb5.5.xml:423
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1453 sssd_krb5_locator_plugin.8.xml:61
+#: sssd-ldap.5.xml:1541 sssd_krb5_locator_plugin.8.xml:61
msgid "NOTES"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1543
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -2941,7 +3194,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1466
+#: sssd-ldap.5.xml:1554
msgid ""
"<citerefentry> "
"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> "
@@ -3455,8 +3708,59 @@ msgid ""
"converted into the base DN to use for performing LDAP operations."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:179
+msgid "ipa_hbac_refresh (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:182
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA "
+"server. This will reduce the latency and load on the IPA server if there are "
+"many access-control requests made in a short period."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:189
+msgid "Default: 5 (seconds)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:194
+msgid "ipa_hbac_treat_deny_as (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:197
+msgid ""
+"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
+"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
+"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The "
+"client will support two modes of operation during this transition period:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:206
+msgid ""
+"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
+"users will be denied access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:211
+msgid ""
+"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
+"careful with this option, as it may result in opening unintended access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:216
+msgid "Default: DENY_ALL"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:190
+#: sssd-ipa.5.xml:232
msgid ""
"The following example assumes that SSSD is correctly configured and "
"example.com is one of the domains in the <replaceable>[sssd]</replaceable> "
@@ -3464,7 +3768,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:197
+#: sssd-ipa.5.xml:239
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -3474,7 +3778,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:208
+#: sssd-ipa.5.xml:250
msgid ""
"<citerefentry> "
"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> "
@@ -4029,21 +4333,6 @@ msgstr ""
msgid "krb5_ccname_template (string)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:166
-msgid "%u"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:167
-msgid "login name"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:170
-msgid "%U"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:171
msgid "login UID"
@@ -4079,11 +4368,6 @@ msgstr ""
msgid "home directory"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:188
-msgid "%d"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:189
msgid "value of krb5ccache_dir"
@@ -4099,16 +4383,6 @@ msgstr ""
msgid "the process ID of the sssd client"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:200
-msgid "%%"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:201
-msgid "a literal '%'"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:160
msgid ""
diff --git a/src/man/po/uk.po b/src/man/po/uk.po
index 98e4e6c75..4e98d4a2e 100644
--- a/src/man/po/uk.po
+++ b/src/man/po/uk.po
@@ -6,7 +6,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sssd-docs 1.5.0\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-04-27 11:41-0300\n"
+"POT-Creation-Date: 2011-08-02 15:55-0300\n"
"PO-Revision-Date: 2011-01-25 20:56+0200\n"
"Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n"
"Language-Team: Ukrainian <translation@linux.org.ua>\n"
@@ -132,9 +132,9 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><title>
#. type: Content of: <reference><refentry><refsect1><title>
-#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1008 sssd-ldap.5.xml:1464
+#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1106 sssd-ldap.5.xml:1552
#: pam_sss.8.xml:128 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143
-#: sssd-ipa.5.xml:206 sssd.8.xml:166 sss_obfuscate.8.xml:103
+#: sssd-ipa.5.xml:248 sssd.8.xml:166 sss_obfuscate.8.xml:103
#: sss_useradd.8.xml:167 sssd-krb5.5.xml:433 sss_groupadd.8.xml:58
#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58
#: sss_usermod.8.xml:138
@@ -282,7 +282,7 @@ msgstr "Розділ [sssd]"
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:70 sssd.conf.5.xml:854
+#: sssd.conf.5.xml:70 sssd.conf.5.xml:952
msgid "Section parameters"
msgstr "Параметри розділу"
@@ -579,8 +579,8 @@ msgstr "Додати часову позначку до діагностични
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1049
-#: sssd-ldap.5.xml:1154 sssd-ipa.5.xml:155
+#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:1128
+#: sssd-ldap.5.xml:1233 sssd-ipa.5.xml:155
msgid "Default: true"
msgstr "Типове значення: true"
@@ -739,15 +739,185 @@ msgstr ""
"Якщо ви хочете, щоб фільтровані користувачі залишалися учасниками груп, "
"встановіть для цього параметра значення «false»."
+# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:358
+#, fuzzy
+#| msgid "userdel_cmd (string)"
+msgid "override_homedir (string)"
+msgstr "userdel_cmd (рядок)"
+
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:367 sssd-krb5.5.xml:166
+msgid "%u"
+msgstr "%u"
+
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:368 sssd-krb5.5.xml:167
+msgid "login name"
+msgstr "ім'я користувача"
+
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:371 sssd-krb5.5.xml:170
+msgid "%U"
+msgstr "%U"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:372
+msgid "UID number"
+msgstr ""
+
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:375 sssd-krb5.5.xml:188
+msgid "%d"
+msgstr "%d"
+
+# type: Content of: <refsect1><refsect2><title>
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:376
+#, fuzzy
+#| msgid "The domain name"
+msgid "domain name"
+msgstr "Назва домену"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:379
+msgid "%f"
+msgstr ""
+
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:380
+#, fuzzy
+#| msgid "use_fully_qualified_names (bool)"
+msgid "fully qualified user name (user@domain)"
+msgstr "use_fully_qualified_names (булеве значення)"
+
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:383 sssd-krb5.5.xml:200
+msgid "%%"
+msgstr "%%"
+
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:384 sssd-krb5.5.xml:201
+msgid "a literal '%'"
+msgstr "символ відсотків («%»)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:361
+msgid ""
+"Override the user's home directory. You can either provide an absolute value "
+"or a template. In the template, the following sequences are substituted: "
+"<placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:390
+msgid "This option can also be set per-domain."
+msgstr ""
+
+# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:395
+#, fuzzy
+#| msgid "default_shell (string)"
+msgid "allowed_shells (string)"
+msgstr "default_shell (рядок)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:398
+msgid ""
+"Restrict user shell to one of the listed values. The order of evaluation is:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:401
+msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:405
+msgid ""
+"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
+"quote>, use the value of the shell_fallback parameter."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:410
+msgid ""
+"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
+"shells</quote>, a nologin shell is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:415
+msgid "An empty string for shell is passed as-is to libc."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:418
+msgid ""
+"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
+"that a restart of the SSSD is required in case a new shell is installed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:422
+#, fuzzy
+#| msgid "Default: not set, i.e. FAST is not used."
+msgid "Default: Not set. The user shell is automatically used."
+msgstr "Типове значення: не встановлено, тобто FAST не використовується."
+
+# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:427
+#, fuzzy
+#| msgid "default_shell (string)"
+msgid "vetoed_shells (string)"
+msgstr "default_shell (рядок)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:430
+msgid "Replace any instance of these shells with the shell_fallback"
+msgstr ""
+
+# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:435
+#, fuzzy
+#| msgid "userdel_cmd (string)"
+msgid "shell_fallback (string)"
+msgstr "userdel_cmd (рядок)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:438
+msgid ""
+"The default shell to use if an allowed shell is not installed on the machine."
+msgstr ""
+
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:442
+#, fuzzy
+#| msgid "Default: cn"
+msgid "Default: /bin/sh"
+msgstr "Типове значення: cn"
+
# type: Content of: <reference><refentry><refsect1><refsect2><title>
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:360
+#: sssd.conf.5.xml:449
msgid "PAM configuration options"
msgstr "Параметри налаштування PAM"
# type: Content of: <reference><refentry><refsect1><refsect2><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:362
+#: sssd.conf.5.xml:451
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
@@ -757,13 +927,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:367
+#: sssd.conf.5.xml:456
msgid "offline_credentials_expiration (integer)"
msgstr "offline_credentials_expiration (ціле число)"
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:370
+#: sssd.conf.5.xml:459
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
@@ -771,19 +941,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:375 sssd.conf.5.xml:388
+#: sssd.conf.5.xml:464 sssd.conf.5.xml:477
msgid "Default: 0 (No limit)"
msgstr "Типове значення: 0 (без обмежень)"
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:381
+#: sssd.conf.5.xml:470
msgid "offline_failed_login_attempts (integer)"
msgstr "offline_failed_login_attempts (ціле число)"
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:384
+#: sssd.conf.5.xml:473
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
@@ -791,13 +961,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:394
+#: sssd.conf.5.xml:483
msgid "offline_failed_login_delay (integer)"
msgstr "offline_failed_login_delay (ціле число)"
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:397
+#: sssd.conf.5.xml:486
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
@@ -805,7 +975,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:402
+#: sssd.conf.5.xml:491
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -814,19 +984,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:408 sssd.conf.5.xml:461 sssd.conf.5.xml:793
+#: sssd.conf.5.xml:497 sssd.conf.5.xml:550 sssd.conf.5.xml:882
msgid "Default: 5"
msgstr "Типове значення: 5"
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:414
+#: sssd.conf.5.xml:503
msgid "pam_verbosity (integer)"
msgstr "pam_verbosity (ціле число)"
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:417
+#: sssd.conf.5.xml:506
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
@@ -834,49 +1004,49 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:422
+#: sssd.conf.5.xml:511
msgid "Currently sssd supports the following values:"
msgstr "У поточній версії sssd передбачено підтримку таких значень:"
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:425
+#: sssd.conf.5.xml:514
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr "<emphasis>0</emphasis>: не показувати жодних повідомлень"
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:428
+#: sssd.conf.5.xml:517
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr "<emphasis>1</emphasis>: показувати лише важливі повідомлення"
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:432
+#: sssd.conf.5.xml:521
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr "<emphasis>2</emphasis>: показувати всі інформаційні повідомлення"
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:435
+#: sssd.conf.5.xml:524
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
"<emphasis>3</emphasis>: показувати всі повідомлення та діагностичні дані"
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:439
+#: sssd.conf.5.xml:528
msgid "Default: 1"
msgstr "Типове значення: 1"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:444
+#: sssd.conf.5.xml:533
msgid "pam_id_timeout (integer)"
msgstr "pam_id_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:447
+#: sssd.conf.5.xml:536
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -884,7 +1054,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:453
+#: sssd.conf.5.xml:542
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -894,17 +1064,17 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:467
+#: sssd.conf.5.xml:556
msgid "pam_pwd_expiration_warning (integer)"
msgstr "pam_pwd_expiration_warning (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:470
+#: sssd.conf.5.xml:559
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:473
+#: sssd.conf.5.xml:562
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -913,25 +1083,25 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:479
+#: sssd.conf.5.xml:568
msgid "Default: 7"
msgstr "Типове значення: 7"
# type: Content of: <reference><refentry><refsect1><title>
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:488
+#: sssd.conf.5.xml:577
msgid "DOMAIN SECTIONS"
msgstr "РОЗДІЛИ ДОМЕНІВ"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:495
+#: sssd.conf.5.xml:584
msgid "min_id,max_id (integer)"
msgstr "min_id,max_id (ціле значення)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:498
+#: sssd.conf.5.xml:587
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
@@ -939,7 +1109,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:503
+#: sssd.conf.5.xml:592
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -949,19 +1119,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:510
+#: sssd.conf.5.xml:599
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr "Типові значення: 1 для min_id, 0 (без обмежень) для max_id"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:516
+#: sssd.conf.5.xml:605
msgid "timeout (integer)"
msgstr "timeout (ціле число)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:519
+#: sssd.conf.5.xml:608
msgid ""
"Timeout in seconds between heartbeats for this domain. This is used to "
"ensure that the backend process is alive and capable of answering requests."
@@ -969,19 +1139,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:524
+#: sssd.conf.5.xml:613 sssd-ldap.5.xml:945
msgid "Default: 10"
msgstr "Типове значення: 10"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:619
msgid "enumerate (bool)"
msgstr "enumerate (булеве значення)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:533
+#: sssd.conf.5.xml:622
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
@@ -989,25 +1159,25 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:537
+#: sssd.conf.5.xml:626
msgid "TRUE = Users and groups are enumerated"
msgstr "TRUE = користувачі і групи нумеруються"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:540
+#: sssd.conf.5.xml:629
msgid "FALSE = No enumerations for this domain"
msgstr "FALSE = не використовувати нумерацію для цього домену"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:543 sssd.conf.5.xml:591 sssd.conf.5.xml:645
+#: sssd.conf.5.xml:632 sssd.conf.5.xml:680 sssd.conf.5.xml:734
msgid "Default: FALSE"
msgstr "Типове значення: FALSE"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:546
+#: sssd.conf.5.xml:635
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1017,7 +1187,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:556
+#: sssd.conf.5.xml:645
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
@@ -1025,7 +1195,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:561
+#: sssd.conf.5.xml:650
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1035,13 +1205,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:572
+#: sssd.conf.5.xml:661
msgid "entry_cache_timeout (integer)"
msgstr "entry_cache_timeout (ціле число)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:575
+#: sssd.conf.5.xml:664
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
@@ -1049,31 +1219,31 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:579
+#: sssd.conf.5.xml:668
msgid "Default: 5400"
msgstr "Типове значення: 5400"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:584
+#: sssd.conf.5.xml:673
msgid "cache_credentials (bool)"
msgstr "cache_credentials (булеве значення)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:587
+#: sssd.conf.5.xml:676
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:596
+#: sssd.conf.5.xml:685
msgid "account_cache_expiration (integer)"
msgstr "account_cache_expiration (ціле число)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:599
+#: sssd.conf.5.xml:688
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1083,55 +1253,55 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:606
+#: sssd.conf.5.xml:695
msgid "Default: 0 (unlimited)"
msgstr "Типове значення: 0 (без обмежень)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:612
+#: sssd.conf.5.xml:701
msgid "id_provider (string)"
msgstr "id_provider (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:615
+#: sssd.conf.5.xml:704
msgid "The Data Provider identity backend to use for this domain."
msgstr "Модуль надання даних щодо профілів користувачів для цього домену."
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:619
+#: sssd.conf.5.xml:708
msgid "Supported backends:"
msgstr "Підтримувані модулі:"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:622
+#: sssd.conf.5.xml:711
msgid "proxy: Support a legacy NSS provider"
msgstr "proxy: підтримка застарілого модуля надання даних NSS"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:625
+#: sssd.conf.5.xml:714
msgid "local: SSSD internal local provider"
msgstr "local: вбудований модуль надання локальних даних SSSD"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:628
+#: sssd.conf.5.xml:717
msgid "ldap: LDAP provider"
msgstr "ldap: модуль надання даних LDAP"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:634
+#: sssd.conf.5.xml:723
msgid "use_fully_qualified_names (bool)"
msgstr "use_fully_qualified_names (булеве значення)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:637
+#: sssd.conf.5.xml:726
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1141,13 +1311,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:650
+#: sssd.conf.5.xml:739
msgid "auth_provider (string)"
msgstr "auth_provider (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:653
+#: sssd.conf.5.xml:742
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
@@ -1157,7 +1327,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:657
+#: sssd.conf.5.xml:746
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1170,7 +1340,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:664
+#: sssd.conf.5.xml:753
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1183,20 +1353,20 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:671
+#: sssd.conf.5.xml:760
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr "<quote>proxy</quote> — трансльоване розпізнавання у іншій системі PAM."
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:763
msgid "<quote>none</quote> disables authentication explicitly."
msgstr "<quote>none</quote> — вимкнути розпізнавання повністю."
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:677
+#: sssd.conf.5.xml:766
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
@@ -1206,13 +1376,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:683
+#: sssd.conf.5.xml:772
msgid "access_provider (string)"
msgstr "access_provider (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:686
+#: sssd.conf.5.xml:775
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1221,19 +1391,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:692
+#: sssd.conf.5.xml:781
msgid "<quote>permit</quote> always allow access."
msgstr "<quote>permit</quote> — завжди дозволяти доступ."
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:695
+#: sssd.conf.5.xml:784
msgid "<quote>deny</quote> always deny access."
msgstr "<quote>deny</quote> — завжди забороняти доступ."
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:698
+#: sssd.conf.5.xml:787
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1243,19 +1413,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:705
+#: sssd.conf.5.xml:794
msgid "Default: <quote>permit</quote>"
msgstr "Типове значення: <quote>permit</quote>"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:710
+#: sssd.conf.5.xml:799
msgid "chpass_provider (string)"
msgstr "chpass_provider (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:713
+#: sssd.conf.5.xml:802
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
@@ -1263,7 +1433,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:718
+#: sssd.conf.5.xml:807
msgid ""
"<quote>ipa</quote> to change a password stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1276,7 +1446,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:726
+#: sssd.conf.5.xml:815
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1289,7 +1459,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:734
+#: sssd.conf.5.xml:823
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1302,20 +1472,20 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:742
+#: sssd.conf.5.xml:831
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr "<quote>proxy</quote> — трансльована зміна пароля у іншій системі PAM."
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:746
+#: sssd.conf.5.xml:835
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr "<quote>none</quote> — явно вимкнути можливість зміни пароля."
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:749
+#: sssd.conf.5.xml:838
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
@@ -1323,13 +1493,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:756
+#: sssd.conf.5.xml:845
msgid "lookup_family_order (string)"
msgstr "lookup_family_order (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:759
+#: sssd.conf.5.xml:848
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
@@ -1339,13 +1509,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:763
+#: sssd.conf.5.xml:852
msgid "Supported values:"
msgstr "Передбачено підтримку таких значень:"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:766
+#: sssd.conf.5.xml:855
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
"ipv4_first: спробувати визначити адресу у форматі IPv4, у разі невдачі "
@@ -1353,14 +1523,14 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:769
+#: sssd.conf.5.xml:858
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
"ipv4_only: намагатися визначити назви вузлів лише у форматі адрес IPv4."
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:772
+#: sssd.conf.5.xml:861
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
"ipv6_first: спробувати визначити адресу у форматі IPv6, у разі невдачі "
@@ -1368,26 +1538,26 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:775
+#: sssd.conf.5.xml:864
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
"ipv6_only: намагатися визначити назви вузлів лише у форматі адрес IPv6."
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:778
+#: sssd.conf.5.xml:867
msgid "Default: ipv4_first"
msgstr "Типове значення: ipv4_first"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:784
+#: sssd.conf.5.xml:873
msgid "dns_resolver_timeout (integer)"
msgstr "dns_resolver_timeout (ціле число)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:787
+#: sssd.conf.5.xml:876
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -1396,13 +1566,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:799
+#: sssd.conf.5.xml:888
msgid "dns_discovery_domain (string)"
msgstr "dns_discovery_domain (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:802
+#: sssd.conf.5.xml:891
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
@@ -1410,13 +1580,26 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:806
+#: sssd.conf.5.xml:895
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
"Типова поведінка: використовувати назву домену з назви вузла комп’ютера."
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:901
+#, fuzzy
+#| msgid "min_id,max_id (integer)"
+msgid "override_gid (integer)"
+msgstr "min_id,max_id (ціле значення)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:904
+msgid "Override the primary GID value with the one specified."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:490
+#: sssd.conf.5.xml:579
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -1425,19 +1608,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:818
+#: sssd.conf.5.xml:916
msgid "proxy_pam_target (string)"
msgstr "proxy_pam_target (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:821
+#: sssd.conf.5.xml:919
msgid "The proxy target PAM proxies to."
msgstr "Комп’ютер, для якого виконує проксі-сервер PAM."
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:824
+#: sssd.conf.5.xml:922
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
@@ -1445,13 +1628,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:832
+#: sssd.conf.5.xml:930
msgid "proxy_lib_name (string)"
msgstr "proxy_lib_name (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:835
+#: sssd.conf.5.xml:933
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -1459,7 +1642,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:814
+#: sssd.conf.5.xml:912
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
@@ -1469,13 +1652,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><title>
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:847
+#: sssd.conf.5.xml:945
msgid "The local domain section"
msgstr "Розділ локального домену"
# type: Content of: <reference><refentry><refsect1><refsect2><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:849
+#: sssd.conf.5.xml:947
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -1484,13 +1667,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:856
+#: sssd.conf.5.xml:954
msgid "default_shell (string)"
msgstr "default_shell (рядок)"
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:859
+#: sssd.conf.5.xml:957
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
"Типова оболонка для записів користувачів, створених за допомогою "
@@ -1498,19 +1681,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:863
+#: sssd.conf.5.xml:961
msgid "Default: <filename>/bin/bash</filename>"
msgstr "Типове значення: <filename>/bin/bash</filename>"
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:868
+#: sssd.conf.5.xml:966
msgid "base_directory (string)"
msgstr "base_directory (рядок)"
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:871
+#: sssd.conf.5.xml:969
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
@@ -1518,18 +1701,18 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876
+#: sssd.conf.5.xml:974
msgid "Default: <filename>/home</filename>"
msgstr "Типове значення: <filename>/home</filename>"
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:881
+#: sssd.conf.5.xml:979
msgid "create_homedir (bool)"
msgstr "create_homedir (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:884
+#: sssd.conf.5.xml:982
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
@@ -1537,18 +1720,18 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:888 sssd.conf.5.xml:900
+#: sssd.conf.5.xml:986 sssd.conf.5.xml:998
msgid "Default: TRUE"
msgstr "Типове значення: TRUE"
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:893
+#: sssd.conf.5.xml:991
msgid "remove_homedir (bool)"
msgstr "remove_homedir (булівське значення)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:896
+#: sssd.conf.5.xml:994
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
@@ -1556,13 +1739,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:905
+#: sssd.conf.5.xml:1003
msgid "homedir_umask (integer)"
msgstr "homedir_umask (ціле число)"
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:908
+#: sssd.conf.5.xml:1006
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -1574,19 +1757,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:1014
msgid "Default: 077"
msgstr "Типове значення: 077"
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:921
+#: sssd.conf.5.xml:1019
msgid "skel_dir (string)"
msgstr "skel_dir (рядок)"
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:1022
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -1596,19 +1779,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:934
+#: sssd.conf.5.xml:1032
msgid "Default: <filename>/etc/skel</filename>"
msgstr "Типове значення: <filename>/etc/skel</filename>"
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:939
+#: sssd.conf.5.xml:1037
msgid "mail_dir (string)"
msgstr "mail_dir (рядок)"
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:942
+#: sssd.conf.5.xml:1040
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -1617,19 +1800,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:949
+#: sssd.conf.5.xml:1047
msgid "Default: <filename>/var/mail</filename>"
msgstr "Типове значення: <filename>/var/mail</filename>"
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:954
+#: sssd.conf.5.xml:1052
msgid "userdel_cmd (string)"
msgstr "userdel_cmd (рядок)"
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:957
+#: sssd.conf.5.xml:1055
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -1638,20 +1821,20 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:1061
msgid "Default: None, no command is run"
msgstr "Типове значення: None, не виконувати жодних команд"
# type: Content of: <reference><refentry><refsect1><title>
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:973 sssd-ldap.5.xml:1432 sssd-simple.5.xml:126
-#: sssd-ipa.5.xml:188 sssd-krb5.5.xml:414
+#: sssd.conf.5.xml:1071 sssd-ldap.5.xml:1520 sssd-simple.5.xml:126
+#: sssd-ipa.5.xml:230 sssd-krb5.5.xml:414
msgid "EXAMPLE"
msgstr "ПРИКЛАД"
# type: Content of: <reference><refentry><refsect1><para><programlisting>
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:979
+#: sssd.conf.5.xml:1077
#, no-wrap
msgid ""
"[sssd]\n"
@@ -1705,7 +1888,7 @@ msgstr ""
"enumerate = False\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:975
+#: sssd.conf.5.xml:1073
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -1715,7 +1898,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para>
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1010
+#: sssd.conf.5.xml:1108
msgid ""
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</"
"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</"
@@ -1796,25 +1979,45 @@ msgstr "ПАРАМЕТРИ НАЛАШТУВАННЯ"
msgid "ldap_uri (string)"
msgstr "ldap_uri (рядок)"
-# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:63
msgid ""
-"Specifies the list of URIs of the LDAP servers to which SSSD should connect "
-"in the order of preference. Refer to the <quote>FAILOVER</quote> section for "
-"more information on failover and server redundancy. If not specified, "
-"service discovery is enabled. For more information, refer to the "
-"<quote>SERVICE DISCOVERY</quote> section."
+"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD "
+"should connect in the order of preference. Refer to the <quote>FAILOVER</"
+"quote> section for more information on failover and server redundancy. If "
+"not specified, service discovery is enabled. For more information, refer to "
+"the <quote>SERVICE DISCOVERY</quote> section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:70
+msgid "The format of the URI must match the format defined in RFC 2732:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:73
+msgid "ldap[s]://&lt;host&gt;[:port]"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:76
+msgid ""
+"For explicit IPv6 addresses, &lt;host&gt; must be enclosed in brackets []"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:79
+msgid "example: ldap://[fc00::126:25]:389"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:73
+#: sssd-ldap.5.xml:85
msgid "ldap_chpass_uri (string)"
msgstr "ldap_chpass_uri (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:76
+#: sssd-ldap.5.xml:88
msgid ""
"Specifies the list of URIs of the LDAP servers to which SSSD should connect "
"in the order of preference to change the password of a user. Refer to the "
@@ -1823,26 +2026,26 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:83
+#: sssd-ldap.5.xml:95
msgid "To enable service discovery ldap_chpass_dns_service_name must be set."
msgstr ""
"Для того, щоб уможливити визначення служб, слід встановити значення "
"параметра ldap_chpass_dns_service_name."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:87
+#: sssd-ldap.5.xml:99
msgid "Default: empty, i.e. ldap_uri is used."
msgstr "Типове значення: порожнє, тобто використовується ldap_uri."
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:93
+#: sssd-ldap.5.xml:105
msgid "ldap_search_base (string)"
msgstr "ldap_search_base (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:96
+#: sssd-ldap.5.xml:108
msgid "The default base DN to use for performing LDAP user operations."
msgstr ""
"Типова базова назва домену, яку слід використовувати для виконання дій від "
@@ -1850,7 +2053,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:100
+#: sssd-ldap.5.xml:112
msgid ""
"Default: If not set the value of the defaultNamingContext or namingContexts "
"attribute from the RootDSE of the LDAP server is used. If "
@@ -1862,13 +2065,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:114
+#: sssd-ldap.5.xml:126
msgid "ldap_schema (string)"
msgstr "ldap_schema (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:117
+#: sssd-ldap.5.xml:129
msgid ""
"Specifies the Schema Type in use on the target LDAP server. Depending on "
"the selected schema, the default attribute names retrieved from the servers "
@@ -1883,19 +2086,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:136
+#: sssd-ldap.5.xml:148
msgid "Default: rfc2307"
msgstr "Типове значення: rfc2307"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:142
+#: sssd-ldap.5.xml:154
msgid "ldap_default_bind_dn (string)"
msgstr "ldap_default_bind_dn (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:145
+#: sssd-ldap.5.xml:157
msgid "The default bind DN to use for performing LDAP operations."
msgstr ""
"Типова назва домену прив’язки, яку слід використовувати для виконання дій "
@@ -1903,43 +2106,51 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:152
+#: sssd-ldap.5.xml:164
msgid "ldap_default_authtok_type (string)"
msgstr "ldap_default_authtok_type (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:155
+#: sssd-ldap.5.xml:167
msgid "The type of the authentication token of the default bind DN."
msgstr "Тип розпізнавання для типової назви сервера прив’язки."
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:159
+#: sssd-ldap.5.xml:171
msgid "The two mechanisms currently supported are:"
msgstr "У поточній версії передбачено підтримку двох механізмів:"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:162
+#: sssd-ldap.5.xml:174
msgid "password"
msgstr "password"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:165
+#: sssd-ldap.5.xml:177
msgid "obfuscated_password"
msgstr "obfuscated_password"
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:180
+#, fuzzy
+#| msgid "Default: hard"
+msgid "Default: password"
+msgstr "Типове значення: hard"
+
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:171
+#: sssd-ldap.5.xml:186
msgid "ldap_default_authtok (string)"
msgstr "ldap_default_authtok (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:174
+#: sssd-ldap.5.xml:189
msgid ""
"The authentication token of the default bind DN. Only clear text passwords "
"are currently supported."
@@ -1949,157 +2160,157 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:181
+#: sssd-ldap.5.xml:196
msgid "ldap_user_object_class (string)"
msgstr "ldap_user_object_class (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:184
+#: sssd-ldap.5.xml:199
msgid "The object class of a user entry in LDAP."
msgstr "Клас об’єктів запису користувача у LDAP."
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:187
+#: sssd-ldap.5.xml:202
msgid "Default: posixAccount"
msgstr "Типове значення: posixAccount"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:193
+#: sssd-ldap.5.xml:208
msgid "ldap_user_name (string)"
msgstr "ldap_user_name (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:196
+#: sssd-ldap.5.xml:211
msgid "The LDAP attribute that corresponds to the user's login name."
msgstr "Атрибут LDAP, що відповідає назві облікового запису користувача."
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:200
+#: sssd-ldap.5.xml:215
msgid "Default: uid"
msgstr "Типове значення: uid"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:206
+#: sssd-ldap.5.xml:221
msgid "ldap_user_uid_number (string)"
msgstr "ldap_user_uid_number (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:209
+#: sssd-ldap.5.xml:224
msgid "The LDAP attribute that corresponds to the user's id."
msgstr "Атрибут LDAP, що відповідає ідентифікатору користувача."
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:213
+#: sssd-ldap.5.xml:228
msgid "Default: uidNumber"
msgstr "Типове значення: uidNumber"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:219
+#: sssd-ldap.5.xml:234
msgid "ldap_user_gid_number (string)"
msgstr "ldap_user_gid_number (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:222
+#: sssd-ldap.5.xml:237
msgid "The LDAP attribute that corresponds to the user's primary group id."
msgstr "Атрибут LDAP, що відповідає ідентифікатору основної групи користувача."
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:226 sssd-ldap.5.xml:642
+#: sssd-ldap.5.xml:241 sssd-ldap.5.xml:698
msgid "Default: gidNumber"
msgstr "Типове значення: gidNumber"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:232
+#: sssd-ldap.5.xml:247
msgid "ldap_user_gecos (string)"
msgstr "ldap_user_gecos (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:235
+#: sssd-ldap.5.xml:250
msgid "The LDAP attribute that corresponds to the user's gecos field."
msgstr "Атрибут LDAP, що відповідає полю gecos користувача."
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:239
+#: sssd-ldap.5.xml:254
msgid "Default: gecos"
msgstr "Типове значення: gecos"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:245
+#: sssd-ldap.5.xml:260
msgid "ldap_user_home_directory (string)"
msgstr "ldap_user_home_directory (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:248
+#: sssd-ldap.5.xml:263
msgid "The LDAP attribute that contains the name of the user's home directory."
msgstr "Атрибут LDAP, що містить назву домашнього каталогу користувача."
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:252
+#: sssd-ldap.5.xml:267
msgid "Default: homeDirectory"
msgstr "Типове значення: homeDirectory"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:258
+#: sssd-ldap.5.xml:273
msgid "ldap_user_shell (string)"
msgstr "ldap_user_shell (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:261
+#: sssd-ldap.5.xml:276
msgid "The LDAP attribute that contains the path to the user's default shell."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:265
+#: sssd-ldap.5.xml:280
msgid "Default: loginShell"
msgstr "Типове значення: loginShell"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:271
+#: sssd-ldap.5.xml:286
msgid "ldap_user_uuid (string)"
msgstr "ldap_user_uuid (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:274
+#: sssd-ldap.5.xml:289
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:278 sssd-ldap.5.xml:668 sssd-ldap.5.xml:761
+#: sssd-ldap.5.xml:293 sssd-ldap.5.xml:724 sssd-ldap.5.xml:817
msgid "Default: nsUniqueId"
msgstr "Типове значення: nsUniqueId"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:284
+#: sssd-ldap.5.xml:299
msgid "ldap_user_modify_timestamp (string)"
msgstr "ldap_user_modify_timestamp (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:287 sssd-ldap.5.xml:677 sssd-ldap.5.xml:770
+#: sssd-ldap.5.xml:302 sssd-ldap.5.xml:733 sssd-ldap.5.xml:826
msgid ""
"The LDAP attribute that contains timestamp of the last modification of the "
"parent object."
@@ -2107,19 +2318,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:291 sssd-ldap.5.xml:681 sssd-ldap.5.xml:774
+#: sssd-ldap.5.xml:306 sssd-ldap.5.xml:737 sssd-ldap.5.xml:830
msgid "Default: modifyTimestamp"
msgstr "Типове значення: modifyTimestamp"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:297
+#: sssd-ldap.5.xml:312
msgid "ldap_user_shadow_last_change (string)"
msgstr "ldap_user_shadow_last_change (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:300
+#: sssd-ldap.5.xml:315
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -2129,19 +2340,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:310
+#: sssd-ldap.5.xml:325
msgid "Default: shadowLastChange"
msgstr "Типове значення: shadowLastChange"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:316
+#: sssd-ldap.5.xml:331
msgid "ldap_user_shadow_min (string)"
msgstr "ldap_user_shadow_min (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:319
+#: sssd-ldap.5.xml:334
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -2151,19 +2362,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:328
+#: sssd-ldap.5.xml:343
msgid "Default: shadowMin"
msgstr "Типове значення: shadowMin"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:334
+#: sssd-ldap.5.xml:349
msgid "ldap_user_shadow_max (string)"
msgstr "ldap_user_shadow_max (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:337
+#: sssd-ldap.5.xml:352
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -2173,19 +2384,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:346
+#: sssd-ldap.5.xml:361
msgid "Default: shadowMax"
msgstr "Типове значення: shadowMax"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:352
+#: sssd-ldap.5.xml:367
msgid "ldap_user_shadow_warning (string)"
msgstr "ldap_user_shadow_warning (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:355
+#: sssd-ldap.5.xml:370
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -2195,19 +2406,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:365
+#: sssd-ldap.5.xml:380
msgid "Default: shadowWarning"
msgstr "Типове значення: shadowWarning"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:371
+#: sssd-ldap.5.xml:386
msgid "ldap_user_shadow_inactive (string)"
msgstr "ldap_user_shadow_inactive (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:374
+#: sssd-ldap.5.xml:389
msgid ""
"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
@@ -2217,18 +2428,18 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:384
+#: sssd-ldap.5.xml:399
msgid "Default: shadowInactive"
msgstr "Типове значення: shadowInactive"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:390
+#: sssd-ldap.5.xml:405
msgid "ldap_user_shadow_expire (string)"
msgstr "ldap_user_shadow_expire (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:393
+#: sssd-ldap.5.xml:408
msgid ""
"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this "
"parameter contains the name of an LDAP attribute corresponding to its "
@@ -2238,19 +2449,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:403
+#: sssd-ldap.5.xml:418
msgid "Default: shadowExpire"
msgstr "Типове значення: shadowExpire"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:409
+#: sssd-ldap.5.xml:424
msgid "ldap_user_krb_last_pwd_change (string)"
msgstr "ldap_user_krb_last_pwd_change (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:412
+#: sssd-ldap.5.xml:427
msgid ""
"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of "
"an LDAP attribute storing the date and time of last password change in "
@@ -2259,19 +2470,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:418
+#: sssd-ldap.5.xml:433
msgid "Default: krbLastPwdChange"
msgstr "Типове значення: krbLastPwdChange"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:424
+#: sssd-ldap.5.xml:439
msgid "ldap_user_krb_password_expiration (string)"
msgstr "ldap_user_krb_password_expiration (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:427
+#: sssd-ldap.5.xml:442
msgid ""
"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of "
"an LDAP attribute storing the date and time when current password expires."
@@ -2279,18 +2490,18 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:433
+#: sssd-ldap.5.xml:448
msgid "Default: krbPasswordExpiration"
msgstr "Типове значення: krbPasswordExpiration"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:439
+#: sssd-ldap.5.xml:454
msgid "ldap_user_ad_account_expires (string)"
msgstr "ldap_user_ad_account_expires (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:442
+#: sssd-ldap.5.xml:457
msgid ""
"When using ldap_account_expire_policy=ad, this parameter contains the name "
"of an LDAP attribute storing the expiration time of the account."
@@ -2298,18 +2509,18 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:447
+#: sssd-ldap.5.xml:462
msgid "Default: accountExpires"
msgstr "Типове значення: accountExpires"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:453
+#: sssd-ldap.5.xml:468
msgid "ldap_user_ad_user_account_control (string)"
msgstr "ldap_user_ad_user_account_control (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:456
+#: sssd-ldap.5.xml:471
msgid ""
"When using ldap_account_expire_policy=ad, this parameter contains the name "
"of an LDAP attribute storing the user account control bit field."
@@ -2317,18 +2528,18 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:461
+#: sssd-ldap.5.xml:476
msgid "Default: userAccountControl"
msgstr "Типове значення: userAccountControl"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:467
+#: sssd-ldap.5.xml:482
msgid "ldap_ns_account_lock (string)"
msgstr "ldap_ns_account_lock (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:470
+#: sssd-ldap.5.xml:485
msgid ""
"When using ldap_account_expire_policy=rhds or equivalent, this parameter "
"determines if access is allowed or not."
@@ -2336,19 +2547,80 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:475
+#: sssd-ldap.5.xml:490
msgid "Default: nsAccountLock"
msgstr "Типове значення: nsAccountLock"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:481
+#: sssd-ldap.5.xml:496
+#, fuzzy
+#| msgid "ldap_user_principal (string)"
+msgid "ldap_user_nds_login_disabled (string)"
+msgstr "ldap_user_principal (рядок)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:499
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines if "
+"access is allowed or not."
+msgstr ""
+
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:503 sssd-ldap.5.xml:517
+#, fuzzy
+#| msgid "Default: loginShell"
+msgid "Default: loginDisabled"
+msgstr "Типове значення: loginShell"
+
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:509
+#, fuzzy
+#| msgid "ldap_user_krb_password_expiration (string)"
+msgid "ldap_user_nds_login_expiration_time (string)"
+msgstr "ldap_user_krb_password_expiration (рядок)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:512
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines until "
+"which date access is granted."
+msgstr ""
+
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:523
+#, fuzzy
+#| msgid "ldap_user_shadow_max (string)"
+msgid "ldap_user_nds_login_allowed_time_map (string)"
+msgstr "ldap_user_shadow_max (рядок)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:526
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines the "
+"hours of a day in a week when access is granted."
+msgstr ""
+
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:531
+#, fuzzy
+#| msgid "Default: loginShell"
+msgid "Default: loginAllowedTimeMap"
+msgstr "Типове значення: loginShell"
+
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:537
msgid "ldap_user_principal (string)"
msgstr "ldap_user_principal (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:484
+#: sssd-ldap.5.xml:540
msgid ""
"The LDAP attribute that contains the user's Kerberos User Principal Name "
"(UPN)."
@@ -2356,19 +2628,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:488
+#: sssd-ldap.5.xml:544
msgid "Default: krbPrincipalName"
msgstr "Типове значення: krbPrincipalName"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:494
+#: sssd-ldap.5.xml:550
msgid "ldap_force_upper_case_realm (boolean)"
msgstr "ldap_force_upper_case_realm (булеве значення)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:497
+#: sssd-ldap.5.xml:553
msgid ""
"Some directory servers, for example Active Directory, might deliver the "
"realm part of the UPN in lower case, which might cause the authentication to "
@@ -2378,20 +2650,20 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:504 sssd-ldap.5.xml:995 sssd-ipa.5.xml:115 sssd.8.xml:64
+#: sssd-ldap.5.xml:560 sssd-ldap.5.xml:1074 sssd-ipa.5.xml:115 sssd.8.xml:64
#: sssd-krb5.5.xml:235 sssd-krb5.5.xml:266
msgid "Default: false"
msgstr "Типове значення: false"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:510
+#: sssd-ldap.5.xml:566
msgid "ldap_enumeration_refresh_timeout (integer)"
msgstr "ldap_enumeration_refresh_timeout (ціле число)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:513
+#: sssd-ldap.5.xml:569
msgid ""
"The LDAP attribute that contains how many seconds SSSD has to wait before "
"refreshing its cache of enumerated records."
@@ -2399,19 +2671,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:518
+#: sssd-ldap.5.xml:574
msgid "Default: 300"
msgstr "Типове значення: 300"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:524
+#: sssd-ldap.5.xml:580
msgid "ldap_purge_cache_timeout"
msgstr "ldap_purge_cache_timeout"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:527
+#: sssd-ldap.5.xml:583
msgid ""
"Determine how often to check the cache for inactive entries (such as groups "
"with no members and users who have never logged in) and remove them to save "
@@ -2420,60 +2692,60 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:533
+#: sssd-ldap.5.xml:589
msgid "Setting this option to zero will disable the cache cleanup operation."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:537
+#: sssd-ldap.5.xml:593
msgid "Default: 10800 (12 hours)"
msgstr "Типове значення: 10800 (12 годин)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:543
+#: sssd-ldap.5.xml:599
msgid "ldap_user_fullname (string)"
msgstr "ldap_user_fullname (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:546
+#: sssd-ldap.5.xml:602
msgid "The LDAP attribute that corresponds to the user's full name."
msgstr "Атрибут LDAP, що відповідає повному імені користувача."
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:550 sssd-ldap.5.xml:629 sssd-ldap.5.xml:722
+#: sssd-ldap.5.xml:606 sssd-ldap.5.xml:685 sssd-ldap.5.xml:778
msgid "Default: cn"
msgstr "Типове значення: cn"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:556
+#: sssd-ldap.5.xml:612
msgid "ldap_user_member_of (string)"
msgstr "ldap_user_member_of (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:559
+#: sssd-ldap.5.xml:615
msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:563
+#: sssd-ldap.5.xml:619
msgid "Default: memberOf"
msgstr "Типове значення: memberOf"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:569
+#: sssd-ldap.5.xml:625
msgid "ldap_user_authorized_service (string)"
msgstr "ldap_user_authorized_service (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:572
+#: sssd-ldap.5.xml:628
msgid ""
"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will "
"use the presence of the authorizedService attribute in the user's LDAP entry "
@@ -2481,27 +2753,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:579
+#: sssd-ldap.5.xml:635
msgid ""
"An explicit deny (!svc) is resolved first. Second, SSSD searches for "
"explicit allow (svc) and finally for allow_all (*)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:584
+#: sssd-ldap.5.xml:640
msgid "Default: authorizedService"
msgstr "Типове значення: authorizedService"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:590
+#: sssd-ldap.5.xml:646
#, fuzzy
#| msgid "ldap_user_authorized_service (string)"
msgid "ldap_user_authorized_host (string)"
msgstr "ldap_user_authorized_service (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:593
+#: sssd-ldap.5.xml:649
msgid ""
"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
"presence of the host attribute in the user's LDAP entry to determine access "
@@ -2509,7 +2781,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:599
+#: sssd-ldap.5.xml:655
msgid ""
"An explicit deny (!host) is resolved first. Second, SSSD searches for "
"explicit allow (host) and finally for allow_all (*)."
@@ -2517,7 +2789,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:604
+#: sssd-ldap.5.xml:660
#, fuzzy
#| msgid "Default: root"
msgid "Default: host"
@@ -2525,91 +2797,91 @@ msgstr "Типове значення: root"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:610
+#: sssd-ldap.5.xml:666
msgid "ldap_group_object_class (string)"
msgstr "ldap_group_object_class (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:613
+#: sssd-ldap.5.xml:669
msgid "The object class of a group entry in LDAP."
msgstr "Клас об’єктів запису групи у LDAP."
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:616
+#: sssd-ldap.5.xml:672
msgid "Default: posixGroup"
msgstr "Типове значення: posixGroup"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:622
+#: sssd-ldap.5.xml:678
msgid "ldap_group_name (string)"
msgstr "ldap_group_name (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:625
+#: sssd-ldap.5.xml:681
msgid "The LDAP attribute that corresponds to the group name."
msgstr "Атрибут LDAP, що відповідає назві групи."
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:635
+#: sssd-ldap.5.xml:691
msgid "ldap_group_gid_number (string)"
msgstr "ldap_group_gid_number (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:638
+#: sssd-ldap.5.xml:694
msgid "The LDAP attribute that corresponds to the group's id."
msgstr "Атрибут LDAP, що відповідає ідентифікатору групи."
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:648
+#: sssd-ldap.5.xml:704
msgid "ldap_group_member (string)"
msgstr "ldap_group_member (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:651
+#: sssd-ldap.5.xml:707
msgid "The LDAP attribute that contains the names of the group's members."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:655
+#: sssd-ldap.5.xml:711
msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
msgstr "Типове значення: memberuid (rfc2307) / member (rfc2307bis)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:661
+#: sssd-ldap.5.xml:717
msgid "ldap_group_uuid (string)"
msgstr "ldap_group_uuid (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:664
+#: sssd-ldap.5.xml:720
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:674
+#: sssd-ldap.5.xml:730
msgid "ldap_group_modify_timestamp (string)"
msgstr "ldap_group_modify_timestamp (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:687
+#: sssd-ldap.5.xml:743
msgid "ldap_group_nesting_level (integer)"
msgstr "ldap_group_nesting_level (ціле число)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:690
+#: sssd-ldap.5.xml:746
msgid ""
"If ldap_schema is set to a schema format that supports nested groups (e.g. "
"RFC2307bis), then this option controls how many levels of nesting SSSD will "
@@ -2618,104 +2890,104 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:697
+#: sssd-ldap.5.xml:753
msgid "Default: 2"
msgstr "Типове значення: 2"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:703
+#: sssd-ldap.5.xml:759
msgid "ldap_netgroup_object_class (string)"
msgstr "ldap_netgroup_object_class (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:706
+#: sssd-ldap.5.xml:762
msgid "The object class of a netgroup entry in LDAP."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:709
+#: sssd-ldap.5.xml:765
msgid "Default: nisNetgroup"
msgstr "Типове значення: nisNetgroup"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:715
+#: sssd-ldap.5.xml:771
msgid "ldap_netgroup_name (string)"
msgstr "ldap_netgroup_name (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:718
+#: sssd-ldap.5.xml:774
msgid "The LDAP attribute that corresponds to the netgroup name."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:728
+#: sssd-ldap.5.xml:784
msgid "ldap_netgroup_member (string)"
msgstr "ldap_netgroup_member (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:731
+#: sssd-ldap.5.xml:787
msgid "The LDAP attribute that contains the names of the netgroup's members."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:735
+#: sssd-ldap.5.xml:791
msgid "Default: memberNisNetgroup"
msgstr "Типове значення: memberNisNetgroup"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:741
+#: sssd-ldap.5.xml:797
msgid "ldap_netgroup_triple (string)"
msgstr "ldap_netgroup_triple (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:744
+#: sssd-ldap.5.xml:800
msgid ""
"The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:748
+#: sssd-ldap.5.xml:804
msgid "Default: nisNetgroupTriple"
msgstr "Типове значення: nisNetgroupTriple"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:754
+#: sssd-ldap.5.xml:810
msgid "ldap_netgroup_uuid (string)"
msgstr "ldap_netgroup_uuid (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:757
+#: sssd-ldap.5.xml:813
msgid ""
"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:767
+#: sssd-ldap.5.xml:823
msgid "ldap_netgroup_modify_timestamp (string)"
msgstr "ldap_netgroup_modify_timestamp (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:780
+#: sssd-ldap.5.xml:836
msgid "ldap_search_timeout (integer)"
msgstr "ldap_search_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:783
+#: sssd-ldap.5.xml:839
msgid ""
"Specifies the timeout (in seconds) that ldap searches are allowed to run "
"before they are cancelled and cached results are returned (and offline mode "
@@ -2723,7 +2995,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:789
+#: sssd-ldap.5.xml:845
msgid ""
"Note: this option is subject to change in future versions of the SSSD. It "
"will likely be replaced at some point by a series of timeouts for specific "
@@ -2732,18 +3004,18 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:795 sssd-ldap.5.xml:837 sssd-ldap.5.xml:852
+#: sssd-ldap.5.xml:851 sssd-ldap.5.xml:893 sssd-ldap.5.xml:908
msgid "Default: 6"
msgstr "Типове значення: 6"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:801
+#: sssd-ldap.5.xml:857
msgid "ldap_enumeration_search_timeout (integer)"
msgstr "ldap_enumeration_search_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:804
+#: sssd-ldap.5.xml:860
msgid ""
"Specifies the timeout (in seconds) that ldap searches for user and group "
"enumerations are allowed to run before they are cancelled and cached results "
@@ -2752,19 +3024,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:811
+#: sssd-ldap.5.xml:867
msgid "Default: 60"
msgstr "Типове значення: 60"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:817
+#: sssd-ldap.5.xml:873
msgid "ldap_network_timeout (integer)"
msgstr "ldap_network_timeout (ціле число)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:820
+#: sssd-ldap.5.xml:876
msgid ""
"Specifies the timeout (in seconds) after which the <citerefentry> "
"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
@@ -2776,13 +3048,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:843
+#: sssd-ldap.5.xml:899
msgid "ldap_opt_timeout (integer)"
msgstr "ldap_opt_timeout (ціле число)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:846
+#: sssd-ldap.5.xml:902
msgid ""
"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
"will abort if no response is received. Also controls the timeout when "
@@ -2791,14 +3063,14 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:858
+#: sssd-ldap.5.xml:914
#, fuzzy
#| msgid "ldap_opt_timeout (integer)"
msgid "ldap_page_size (integer)"
msgstr "ldap_opt_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:861
+#: sssd-ldap.5.xml:917
msgid ""
"Specify the number of records to retrieve from LDAP in a single request. "
"Some LDAP servers enforce a maximum limit per-request."
@@ -2806,7 +3078,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:866
+#: sssd-ldap.5.xml:922
#, fuzzy
#| msgid "Default: 10"
msgid "Default: 1000"
@@ -2814,13 +3086,38 @@ msgstr "Типове значення: 10"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:872
+#: sssd-ldap.5.xml:928
+#, fuzzy
+#| msgid "ldap_search_timeout (integer)"
+msgid "ldap_deref_threshold (integer)"
+msgstr "ldap_search_timeout (ціле число)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:931
+msgid ""
+"Specify the number of group members that must be missing from the internal "
+"cache in order to trigger a dereference lookup. If less members are missing, "
+"they are looked up individually."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:937
+msgid ""
+"A dereference lookup is a means of fetching all group members in a single "
+"LDAP call. Different LDAP servers may implement different dereference "
+"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active "
+"Directory."
+msgstr ""
+
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:951
msgid "ldap_tls_reqcert (string)"
msgstr "ldap_tls_reqcert (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:875
+#: sssd-ldap.5.xml:954
msgid ""
"Specifies what checks to perform on server certificates in a TLS session, if "
"any. It can be specified as one of the following values:"
@@ -2828,7 +3125,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:881
+#: sssd-ldap.5.xml:960
msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
@@ -2836,7 +3133,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:885
+#: sssd-ldap.5.xml:964
msgid ""
"<emphasis>allow</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -2845,7 +3142,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:892
+#: sssd-ldap.5.xml:971
msgid ""
"<emphasis>try</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -2854,7 +3151,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:898
+#: sssd-ldap.5.xml:977
msgid ""
"<emphasis>demand</emphasis> = The server certificate is requested. If no "
"certificate is provided, or a bad certificate is provided, the session is "
@@ -2863,25 +3160,25 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:904
+#: sssd-ldap.5.xml:983
msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
msgstr "<emphasis>hard</emphasis> = те саме, що і <quote>demand</quote>"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:908
+#: sssd-ldap.5.xml:987
msgid "Default: hard"
msgstr "Типове значення: hard"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:914
+#: sssd-ldap.5.xml:993
msgid "ldap_tls_cacert (string)"
msgstr "ldap_tls_cacert (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:917
+#: sssd-ldap.5.xml:996
msgid ""
"Specifies the file that contains certificates for all of the Certificate "
"Authorities that <command>sssd</command> will recognize."
@@ -2889,7 +3186,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:922 sssd-ldap.5.xml:940 sssd-ldap.5.xml:981
+#: sssd-ldap.5.xml:1001 sssd-ldap.5.xml:1019 sssd-ldap.5.xml:1060
msgid ""
"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
"conf</filename>"
@@ -2897,13 +3194,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:929
+#: sssd-ldap.5.xml:1008
msgid "ldap_tls_cacertdir (string)"
msgstr "ldap_tls_cacertdir (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:932
+#: sssd-ldap.5.xml:1011
msgid ""
"Specifies the path of a directory that contains Certificate Authority "
"certificates in separate individual files. Typically the file names need to "
@@ -2913,42 +3210,42 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:947
+#: sssd-ldap.5.xml:1026
msgid "ldap_tls_cert (string)"
msgstr "ldap_tls_cert (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:950
+#: sssd-ldap.5.xml:1029
msgid "Specifies the file that contains the certificate for the client's key."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:954 sssd-ldap.5.xml:966 sssd-ldap.5.xml:1395
-#: sssd-ldap.5.xml:1418 sssd-krb5.5.xml:356
+#: sssd-ldap.5.xml:1033 sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1483
+#: sssd-ldap.5.xml:1506 sssd-krb5.5.xml:356
msgid "Default: not set"
msgstr "Типове значення: not set"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:960
+#: sssd-ldap.5.xml:1039
msgid "ldap_tls_key (string)"
msgstr "ldap_tls_key (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:963
+#: sssd-ldap.5.xml:1042
msgid "Specifies the file that contains the client's key."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:972
+#: sssd-ldap.5.xml:1051
msgid "ldap_tls_cipher_suite (string)"
msgstr "ldap_tls_cipher_suite (рядок)"
# type: Content of: <reference><refentry><refsect1><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:975
+#: sssd-ldap.5.xml:1054
msgid ""
"Specifies acceptable cipher suites. Typically this is a colon sperated "
"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
@@ -2957,13 +3254,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:988
+#: sssd-ldap.5.xml:1067
msgid "ldap_id_use_start_tls (boolean)"
msgstr "ldap_id_use_start_tls (булеве значення)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:991
+#: sssd-ldap.5.xml:1070
msgid ""
"Specifies that the id_provider connection must also use <systemitem class="
"\"protocol\">tls</systemitem> to protect the channel."
@@ -2971,13 +3268,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1001
+#: sssd-ldap.5.xml:1080
msgid "ldap_sasl_mech (string)"
msgstr "ldap_sasl_mech (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1004
+#: sssd-ldap.5.xml:1083
msgid ""
"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
"supported."
@@ -2985,19 +3282,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1136
+#: sssd-ldap.5.xml:1087 sssd-ldap.5.xml:1215
msgid "Default: none"
msgstr "Типове значення: none"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1014
+#: sssd-ldap.5.xml:1093
msgid "ldap_sasl_authid (string)"
msgstr "ldap_sasl_authid (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1017
+#: sssd-ldap.5.xml:1096
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
"represents the Kerberos principal used for authentication to the directory."
@@ -3005,37 +3302,37 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1022
+#: sssd-ldap.5.xml:1101
msgid "Default: host/machine.fqdn@REALM"
msgstr "Типове значення: вузол/комп’ютер.fqdn@ОБЛАСТЬ"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1028
+#: sssd-ldap.5.xml:1107
msgid "ldap_krb5_keytab (string)"
msgstr "ldap_krb5_keytab (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1031
+#: sssd-ldap.5.xml:1110
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1034
+#: sssd-ldap.5.xml:1113
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1040
+#: sssd-ldap.5.xml:1119
msgid "ldap_krb5_init_creds (boolean)"
msgstr "ldap_krb5_init_creds (булеве значення)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1043
+#: sssd-ldap.5.xml:1122
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -3044,31 +3341,31 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1055
+#: sssd-ldap.5.xml:1134
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr "ldap_krb5_ticket_lifetime (ціле число)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1058
+#: sssd-ldap.5.xml:1137
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1062
+#: sssd-ldap.5.xml:1141
msgid "Default: 86400 (24 hours)"
msgstr "Типове значення: 86400 (24 години)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1068 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1147 sssd-krb5.5.xml:74
msgid "krb5_server (string)"
msgstr "krb5_server (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1071 sssd-krb5.5.xml:77
+#: sssd-ldap.5.xml:1150 sssd-krb5.5.xml:77
msgid ""
"Specifies the list of IP addresses or hostnames of the Kerberos servers to "
"which SSSD should connect in the order of preference. For more information "
@@ -3079,7 +3376,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1083 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1162 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -3088,7 +3385,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1088 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1167 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -3097,19 +3394,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1097 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1176 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr "krb5_realm (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1100
+#: sssd-ldap.5.xml:1179
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1103
+#: sssd-ldap.5.xml:1182
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
"Типове значення: типове значення системи, див. <filename>/etc/krb5.conf</"
@@ -3117,13 +3414,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1109
+#: sssd-ldap.5.xml:1188
msgid "ldap_pwd_policy (string)"
msgstr "ldap_pwd_policy (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1112
+#: sssd-ldap.5.xml:1191
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
@@ -3131,7 +3428,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1117
+#: sssd-ldap.5.xml:1196
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
@@ -3139,7 +3436,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1122
+#: sssd-ldap.5.xml:1201
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -3149,7 +3446,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1130
+#: sssd-ldap.5.xml:1209
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -3158,19 +3455,19 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1142
+#: sssd-ldap.5.xml:1221
msgid "ldap_referrals (boolean)"
msgstr "ldap_referrals (булеве значення)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1145
+#: sssd-ldap.5.xml:1224
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1149
+#: sssd-ldap.5.xml:1228
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
@@ -3178,49 +3475,49 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1160
+#: sssd-ldap.5.xml:1239
msgid "ldap_dns_service_name (string)"
msgstr "ldap_dns_service_name (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1163
+#: sssd-ldap.5.xml:1242
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1167
+#: sssd-ldap.5.xml:1246
msgid "Default: ldap"
msgstr "Типове значення: ldap"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1173
+#: sssd-ldap.5.xml:1252
msgid "ldap_chpass_dns_service_name (string)"
msgstr "ldap_chpass_dns_service_name (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1176
+#: sssd-ldap.5.xml:1255
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1181
+#: sssd-ldap.5.xml:1260
msgid "Default: not set, i.e. service discovery is disabled"
msgstr "Типове значення: не встановлено, тобто пошук служб вимкнено"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1187
+#: sssd-ldap.5.xml:1266
msgid "ldap_access_filter (string)"
msgstr "ldap_access_filter (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1190
+#: sssd-ldap.5.xml:1269
msgid ""
"If using access_provider = ldap, this option is mandatory. It specifies an "
"LDAP search filter criteria that must be met for the user to be granted "
@@ -3231,13 +3528,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1200 sssd-ldap.5.xml:1398
+#: sssd-ldap.5.xml:1279 sssd-ldap.5.xml:1486
msgid "Example:"
msgstr "Приклад:"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1203
+#: sssd-ldap.5.xml:1282
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -3250,7 +3547,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1207
+#: sssd-ldap.5.xml:1286
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
@@ -3258,7 +3555,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1212
+#: sssd-ldap.5.xml:1291
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -3268,25 +3565,25 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1220 sssd-ldap.5.xml:1261
+#: sssd-ldap.5.xml:1299 sssd-ldap.5.xml:1349
msgid "Default: Empty"
msgstr "Типове значення: порожній рядок"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1226
+#: sssd-ldap.5.xml:1305
msgid "ldap_account_expire_policy (string)"
msgstr "ldap_account_expire_policy (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1229
+#: sssd-ldap.5.xml:1308
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1233
+#: sssd-ldap.5.xml:1312
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -3294,19 +3591,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1240
+#: sssd-ldap.5.xml:1319
msgid "The following values are allowed:"
msgstr "Можна використовувати такі значення:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1243
+#: sssd-ldap.5.xml:1322
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1248
+#: sssd-ldap.5.xml:1327
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -3315,21 +3612,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1255
+#: sssd-ldap.5.xml:1334
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
"allowed or not."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1340
+msgid ""
+"<emphasis>nds</emphasis>: the values of "
+"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
+"ldap_user_nds_login_expiration_time are used to check if access is allowed. "
+"If both attributes are missing access is granted."
+msgstr ""
+
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1267
+#: sssd-ldap.5.xml:1355
msgid "ldap_access_order (string)"
msgstr "ldap_access_order (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1270
+#: sssd-ldap.5.xml:1358
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
"Список відокремлених комами параметрів керування доступом. Можливі значення "
@@ -3337,18 +3643,18 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1274
+#: sssd-ldap.5.xml:1362
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr "<emphasis>filter</emphasis>: використовувати ldap_access_filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1277
+#: sssd-ldap.5.xml:1365
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
"<emphasis>expire</emphasis>: використовувати ldap_account_expire_policy"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1281
+#: sssd-ldap.5.xml:1369
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
@@ -3357,7 +3663,7 @@ msgstr ""
"можливості доступу атрибут authorizedService"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1286
+#: sssd-ldap.5.xml:1374
#, fuzzy
#| msgid ""
#| "<emphasis>authorized_service</emphasis>: use the authorizedService "
@@ -3369,12 +3675,12 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1290
+#: sssd-ldap.5.xml:1378
msgid "Default: filter"
msgstr "Типове значення: filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1293
+#: sssd-ldap.5.xml:1381
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
@@ -3382,13 +3688,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1300
+#: sssd-ldap.5.xml:1388
msgid "ldap_deref (string)"
msgstr "ldap_deref (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1303
+#: sssd-ldap.5.xml:1391
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
@@ -3396,13 +3702,13 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1308
+#: sssd-ldap.5.xml:1396
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1312
+#: sssd-ldap.5.xml:1400
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
@@ -3410,7 +3716,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1317
+#: sssd-ldap.5.xml:1405
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
@@ -3418,7 +3724,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1322
+#: sssd-ldap.5.xml:1410
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
@@ -3426,7 +3732,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1327
+#: sssd-ldap.5.xml:1415
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
@@ -3444,70 +3750,70 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><title>
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1339
+#: sssd-ldap.5.xml:1427
msgid "ADVANCED OPTIONS"
msgstr "ДОДАТКОВІ ПАРАМЕТРИ"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1346
+#: sssd-ldap.5.xml:1434
msgid "ldap_netgroup_search_base (string)"
msgstr "ldap_netgroup_search_base (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1349
+#: sssd-ldap.5.xml:1437
msgid ""
"An optional base DN to restrict netgroup searches to a specific subtree."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1353 sssd-ldap.5.xml:1367 sssd-ldap.5.xml:1381
+#: sssd-ldap.5.xml:1441 sssd-ldap.5.xml:1455 sssd-ldap.5.xml:1469
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr "Типове значення: значення <emphasis>ldap_search_base</emphasis>"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1360
+#: sssd-ldap.5.xml:1448
msgid "ldap_user_search_base (string)"
msgstr "ldap_user_search_base (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1363
+#: sssd-ldap.5.xml:1451
msgid "An optional base DN to restrict user searches to a specific subtree."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1374
+#: sssd-ldap.5.xml:1462
msgid "ldap_group_search_base (string)"
msgstr "ldap_group_search_base (рядок)"
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1377
+#: sssd-ldap.5.xml:1465
msgid "An optional base DN to restrict group searches to a specific subtree."
msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1388
+#: sssd-ldap.5.xml:1476
#, fuzzy
#| msgid "ldap_user_search_base (string)"
msgid "ldap_user_search_filter (string)"
msgstr "ldap_user_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1391
+#: sssd-ldap.5.xml:1479
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1401
+#: sssd-ldap.5.xml:1489
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -3515,7 +3821,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1404
+#: sssd-ldap.5.xml:1492
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
@@ -3523,21 +3829,21 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1411
+#: sssd-ldap.5.xml:1499
#, fuzzy
#| msgid "ldap_group_search_base (string)"
msgid "ldap_group_search_filter (string)"
msgstr "ldap_group_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1414
+#: sssd-ldap.5.xml:1502
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1341
+#: sssd-ldap.5.xml:1429
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -3546,7 +3852,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para>
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1434
+#: sssd-ldap.5.xml:1522
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -3555,7 +3861,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><programlisting>
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:1440
+#: sssd-ldap.5.xml:1528
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -3577,20 +3883,20 @@ msgstr ""
" enumerate = true\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1439 sssd-simple.5.xml:134 sssd-ipa.5.xml:196
+#: sssd-ldap.5.xml:1527 sssd-simple.5.xml:134 sssd-ipa.5.xml:238
#: sssd-krb5.5.xml:423
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
# type: Content of: <reference><refentry><refsect1><title>
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1453 sssd_krb5_locator_plugin.8.xml:61
+#: sssd-ldap.5.xml:1541 sssd_krb5_locator_plugin.8.xml:61
msgid "NOTES"
msgstr "ЗАУВАЖЕННЯ"
# type: Content of: <reference><refentry><refsect1><para>
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1543
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -3600,7 +3906,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para>
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1466
+#: sssd-ldap.5.xml:1554
msgid ""
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</"
"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</"
@@ -4183,9 +4489,72 @@ msgid ""
"converted into the base DN to use for performing LDAP operations."
msgstr ""
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:179
+#, fuzzy
+#| msgid "ipa_hbac_search_base (string)"
+msgid "ipa_hbac_refresh (integer)"
+msgstr "ipa_hbac_search_base (рядок)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:182
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server. "
+"This will reduce the latency and load on the IPA server if there are many "
+"access-control requests made in a short period."
+msgstr ""
+
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:189
+#, fuzzy
+#| msgid "Default: gecos"
+msgid "Default: 5 (seconds)"
+msgstr "Типове значення: gecos"
+
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:194
+#, fuzzy
+#| msgid "ipa_hbac_search_base (string)"
+msgid "ipa_hbac_treat_deny_as (string)"
+msgstr "ipa_hbac_search_base (рядок)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:197
+msgid ""
+"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
+"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
+"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The "
+"client will support two modes of operation during this transition period:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:206
+msgid ""
+"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
+"users will be denied access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:211
+msgid ""
+"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
+"careful with this option, as it may result in opening unintended access."
+msgstr ""
+
+# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:216
+#, fuzzy
+#| msgid "Default: FALSE"
+msgid "Default: DENY_ALL"
+msgstr "Типове значення: FALSE"
+
# type: Content of: <reference><refentry><refsect1><para>
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:190
+#: sssd-ipa.5.xml:232
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -4194,7 +4563,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para><programlisting>
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:197
+#: sssd-ipa.5.xml:239
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -4209,7 +4578,7 @@ msgstr ""
# type: Content of: <reference><refentry><refsect1><para>
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:208
+#: sssd-ipa.5.xml:250
msgid ""
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</"
"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</"
@@ -4888,24 +5257,6 @@ msgstr "Типове значення: /tmp"
msgid "krb5_ccname_template (string)"
msgstr "krb5_ccname_template (рядок)"
-# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:166
-msgid "%u"
-msgstr "%u"
-
-# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:167
-msgid "login name"
-msgstr "ім'я користувача"
-
-# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:170
-msgid "%U"
-msgstr "%U"
-
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:171
@@ -4948,12 +5299,6 @@ msgstr "%h"
msgid "home directory"
msgstr "домашній каталог"
-# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:188
-msgid "%d"
-msgstr "%d"
-
# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:189
@@ -4972,18 +5317,6 @@ msgstr "%P"
msgid "the process ID of the sssd client"
msgstr "ідентифікатор процесу клієнтської частини sssd"
-# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:200
-msgid "%%"
-msgstr "%%"
-
-# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:201
-msgid "a literal '%'"
-msgstr "символ відсотків («%»)"
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:160
msgid ""