summaryrefslogtreecommitdiffstats
path: root/src/man/po/de.po
diff options
context:
space:
mode:
Diffstat (limited to 'src/man/po/de.po')
-rw-r--r--src/man/po/de.po3818
1 files changed, 2365 insertions, 1453 deletions
diff --git a/src/man/po/de.po b/src/man/po/de.po
index c51b465d5..57a7e61d5 100644
--- a/src/man/po/de.po
+++ b/src/man/po/de.po
@@ -9,7 +9,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2013-08-28 22:36+0300\n"
+"POT-Creation-Date: 2014-05-30 16:47+0300\n"
"PO-Revision-Date: 2013-07-24 12:27+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: German <trans-de@lists.fedoraproject.org>\n"
@@ -26,7 +26,7 @@ msgstr ""
#: sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5
#: sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5
#: sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5
-#: sss_seed.8.xml:5 sss_ssh_authorizedkeys.1.xml:5
+#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_ssh_authorizedkeys.1.xml:5
#: sss_ssh_knownhostsproxy.1.xml:5
msgid "SSSD Manual pages"
msgstr "SSSD-Handbuchseite"
@@ -62,13 +62,13 @@ msgstr ""
"arg>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44
+#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:47
#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21
#: sssd-ad.5.xml:21 sssd-sudo.5.xml:21 sssd.8.xml:29 sss_obfuscate.8.xml:30
#: sss_useradd.8.xml:30 sssd-krb5.5.xml:21 sss_groupadd.8.xml:30
#: sss_userdel.8.xml:30 sss_groupdel.8.xml:30 sss_groupshow.8.xml:30
#: sss_usermod.8.xml:30 sss_cache.8.xml:29 sss_debuglevel.8.xml:30
-#: sss_seed.8.xml:31 sss_ssh_authorizedkeys.1.xml:30
+#: sss_seed.8.xml:31 sssd-ifp.5.xml:21 sss_ssh_authorizedkeys.1.xml:30
#: sss_ssh_knownhostsproxy.1.xml:31
msgid "DESCRIPTION"
msgstr "BESCHREIBUNG"
@@ -83,7 +83,7 @@ msgstr ""
"Befehlszeile angegebenen Änderungen widerzuspiegeln."
#. type: Content of: <reference><refentry><refsect1><title>
-#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58
+#: sss_groupmod.8.xml:39 pam_sss.8.xml:54 sssd.8.xml:42 sss_obfuscate.8.xml:58
#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39
#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39
#: sss_cache.8.xml:38 sss_debuglevel.8.xml:38 sss_seed.8.xml:42
@@ -138,18 +138,19 @@ msgstr "sssd.conf"
#. type: Content of: <reference><refentry><refmeta><manvolnum>
#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11
#: sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11
+#: sssd-ifp.5.xml:11
msgid "5"
msgstr "5"
#. type: Content of: <reference><refentry><refmeta><refmiscinfo>
#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12
#: sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12
+#: sssd-ifp.5.xml:12
msgid "File Formats and Conventions"
msgstr "Dateiformate und Konventionen"
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
-#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16
-#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-krb5.5.xml:17
+#: sssd.conf.5.xml:17
msgid "the configuration file for SSSD"
msgstr "die Konfigurationsdatei für SSSD"
@@ -224,26 +225,116 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
#: sssd.conf.5.xml:59
+#, fuzzy
+#| msgid "ADVANCED OPTIONS"
+msgid "GENERAL OPTIONS"
+msgstr "ERWEITERTE OPTIONEN"
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:61
+msgid "Following options are usable in more than one configuration sections."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:65
+msgid "Options usable in all sections"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:69
+msgid "debug_level (integer)"
+msgstr "debug_level (Ganzzahl)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:73
+msgid "debug_timestamps (bool)"
+msgstr "debug_timestamps (Boolesch)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:76
+msgid "Add a timestamp to the debug messages"
+msgstr "fügt den Debug-Nachrichten einen Zeitstempel hinzu"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:79 sssd.conf.5.xml:511 sssd.conf.5.xml:859
+#: sssd-ldap.5.xml:1607 sssd-ldap.5.xml:1704 sssd-ldap.5.xml:1766
+#: sssd-ldap.5.xml:2209 sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2292
+#: sssd-ipa.5.xml:356 sssd-ipa.5.xml:391 sssd-ad.5.xml:166 sssd-ad.5.xml:250
+#: sssd-ad.5.xml:339 sssd-ad.5.xml:427 sssd-krb5.5.xml:490
+msgid "Default: true"
+msgstr "Voreinstellung: »true«"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:84
+msgid "debug_microseconds (bool)"
+msgstr "debug_microseconds (Boolesch)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:87
+msgid "Add microseconds to the timestamp in debug messages"
+msgstr "fügt dem Zeitstempel der Debug-Nachrichten Mikrosekunden hinzu"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:90 sssd.conf.5.xml:813 sssd.conf.5.xml:1812
+#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:1481 sssd-ldap.5.xml:1500
+#: sssd-ldap.5.xml:1676 sssd-ldap.5.xml:2005 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:205 sssd-ipa.5.xml:503 sssd-krb5.5.xml:257
+#: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462
+msgid "Default: false"
+msgstr "Voreinstellung: »false«"
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2017
+msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr "<placeholder type=\"variablelist\" id=\"0\"/>"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:99
+msgid "Options usable in SERVICE and DOMAIN sections"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:103
+msgid "timeout (integer)"
+msgstr "timeout (Ganzzahl)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:106
+msgid ""
+"Timeout in seconds between heartbeats for this service. This is used to "
+"ensure that the process is alive and capable of answering requests."
+msgstr ""
+"Zeitüberschreitung in Sekunden zwischen Herzschlägen dieses Dienstes. Dies "
+"dient dazu, sicherzustellen, dass ein Prozess läuft und in der Lage ist, "
+"Anfragen zu beantworten."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1352
+msgid "Default: 10"
+msgstr "Voreinstellung: 10"
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:121
msgid "SPECIAL SECTIONS"
msgstr "BESONDERE ABSCHNITTE"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:62
+#: sssd.conf.5.xml:124
msgid "The [sssd] section"
msgstr "Der Abschnitt [sssd]"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1833
+#: sssd.conf.5.xml:133 sssd.conf.5.xml:1896
msgid "Section parameters"
msgstr "Abschnittsparameter"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:73
+#: sssd.conf.5.xml:135
msgid "config_file_version (integer)"
msgstr "config_file_version (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:76
+#: sssd.conf.5.xml:138
msgid ""
"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use "
"version 2."
@@ -252,12 +343,12 @@ msgstr ""
"Version 2."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:82
+#: sssd.conf.5.xml:144
msgid "services"
msgstr "Dienste"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:85
+#: sssd.conf.5.xml:147
msgid ""
"Comma separated list of services that are started when sssd itself starts."
msgstr ""
@@ -265,12 +356,18 @@ msgstr ""
"gestartet werden."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:89
+#: sssd.conf.5.xml:151
+#, fuzzy
+#| msgid ""
+#| "Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</"
+#| "phrase> <phrase condition=\"with_autofs\">, autofs</phrase> <phrase "
+#| "condition=\"with_ssh\">, ssh</phrase> <phrase condition="
+#| "\"with_pac_responder\">, pac</phrase>"
msgid ""
"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase> "
"<phrase condition=\"with_autofs\">, autofs</phrase> <phrase condition="
"\"with_ssh\">, ssh</phrase> <phrase condition=\"with_pac_responder\">, pac</"
-"phrase>"
+"phrase> <phrase condition=\"with_ifp\">, ifp</phrase>"
msgstr ""
"Unterstützte Dienste: nss, pam <phrase condition=\"with_sudo\">, sudo</"
"phrase> <phrase condition=\"with_autofs\">, autofs</phrase> <phrase "
@@ -278,12 +375,12 @@ msgstr ""
"\">, pac</phrase>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:321
+#: sssd.conf.5.xml:161 sssd.conf.5.xml:345
msgid "reconnection_retries (integer)"
msgstr "reconnection_retries (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:324
+#: sssd.conf.5.xml:164 sssd.conf.5.xml:348
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
@@ -293,18 +390,18 @@ msgstr ""
"startet."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:329
+#: sssd.conf.5.xml:169 sssd.conf.5.xml:353
msgid "Default: 3"
msgstr "Voreinstellung: 3"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:111
+#: sssd.conf.5.xml:174
#, fuzzy
msgid "domains"
msgstr "IPA-Domain"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:114
+#: sssd.conf.5.xml:177
msgid ""
"A domain is a database containing user information. SSSD can use more "
"domains at the same time, but at least one must be configured or SSSD won't "
@@ -320,12 +417,12 @@ msgstr ""
"Gedankenstrichen und Unterstrichen bestehen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:126 sssd.conf.5.xml:1563
+#: sssd.conf.5.xml:189 sssd.conf.5.xml:1625
msgid "re_expression (string)"
msgstr "re_expression (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:129
+#: sssd.conf.5.xml:192
msgid ""
"Default regular expression that describes how to parse the string containing "
"user name and domain into these components."
@@ -335,7 +432,7 @@ msgstr ""
"werden sollen."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:134
+#: sssd.conf.5.xml:197
msgid ""
"Each domain can have an individual regular expression configured. For some "
"ID providers there are also default regular expressions. See DOMAIN "
@@ -347,12 +444,12 @@ msgstr ""
"unter DOMAIN-ABSCHNITTE."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:143 sssd.conf.5.xml:1614
+#: sssd.conf.5.xml:206 sssd.conf.5.xml:1676
msgid "full_name_format (string)"
msgstr "full_name_format (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:146 sssd.conf.5.xml:1617
+#: sssd.conf.5.xml:209 sssd.conf.5.xml:1679
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to compose a "
@@ -364,32 +461,32 @@ msgstr ""
"zusammengestellt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:157 sssd.conf.5.xml:1628
+#: sssd.conf.5.xml:220 sssd.conf.5.xml:1690
msgid "%1$s"
msgstr "%1$s"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:158 sssd.conf.5.xml:1629
+#: sssd.conf.5.xml:221 sssd.conf.5.xml:1691
msgid "user name"
msgstr "Benutzername"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:161 sssd.conf.5.xml:1632
+#: sssd.conf.5.xml:224 sssd.conf.5.xml:1694
msgid "%2$s"
msgstr "%2$s"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:164 sssd.conf.5.xml:1635
+#: sssd.conf.5.xml:227 sssd.conf.5.xml:1697
msgid "domain name as specified in the SSSD config file."
msgstr "Domain-Name, wie er durch die SSSD-Konfigurationsdatei angegeben wird"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:170 sssd.conf.5.xml:1641
+#: sssd.conf.5.xml:233 sssd.conf.5.xml:1703
msgid "%3$s"
msgstr "%3$s"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:173 sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:236 sssd.conf.5.xml:1706
msgid ""
"domain flat name. Mostly usable for Active Directory domains, both directly "
"configured or discovered via IPA trusts."
@@ -398,7 +495,7 @@ msgstr ""
"direkt konfiguriert als auch über IPA-Trust"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:154 sssd.conf.5.xml:1625
+#: sssd.conf.5.xml:217 sssd.conf.5.xml:1687
msgid ""
"The following expansions are supported: <placeholder type=\"variablelist\" "
"id=\"0\"/>"
@@ -408,7 +505,7 @@ msgstr ""
# FIXME s/see/See/
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:183
+#: sssd.conf.5.xml:246
msgid ""
"Each domain can have an individual format string configured. see DOMAIN "
"SECTIONS for more info on this option."
@@ -418,12 +515,12 @@ msgstr ""
"ABSCHNITTE."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:189
+#: sssd.conf.5.xml:252
msgid "try_inotify (boolean)"
msgstr "try_inotify (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:192
+#: sssd.conf.5.xml:255
msgid ""
"SSSD monitors the state of resolv.conf to identify when it needs to update "
"its internal DNS resolver. By default, we will attempt to use inotify for "
@@ -437,7 +534,7 @@ msgstr ""
"abzufragen."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:200
+#: sssd.conf.5.xml:263
msgid ""
"There are some limited situations where it is preferred that we should skip "
"even trying to use inotify. In these rare cases, this option should be set "
@@ -448,7 +545,7 @@ msgstr ""
"sollte diese Option auf »false« gesetzt werden."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:206
+#: sssd.conf.5.xml:269
msgid ""
"Default: true on platforms where inotify is supported. False on other "
"platforms."
@@ -457,7 +554,7 @@ msgstr ""
"»false« auf anderen Plattformen."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:210
+#: sssd.conf.5.xml:273
msgid ""
"Note: this option will have no effect on platforms where inotify is "
"unavailable. On these platforms, polling will always be used."
@@ -466,19 +563,19 @@ msgstr ""
"verfügbar ist, keine Auswirkungen haben."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:217
+#: sssd.conf.5.xml:280
msgid "krb5_rcache_dir (string)"
msgstr "krb5_rcache_dir (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:220
+#: sssd.conf.5.xml:283
msgid ""
"Directory on the filesystem where SSSD should store Kerberos replay cache "
"files."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:224
+#: sssd.conf.5.xml:287
msgid ""
"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
"SSSD to let libkrb5 decide the appropriate location for the replay cache."
@@ -488,7 +585,7 @@ msgstr ""
"Ort für den Replay-Zwischenspeicher ist."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:230
+#: sssd.conf.5.xml:293
msgid ""
"Default: Distribution-specific and specified at build-time. "
"(__LIBKRB5_DEFAULTS__ if not configured)"
@@ -497,13 +594,13 @@ msgstr ""
"(__LIBKRB5_DEFAULTS__, falls nicht konfiguriert)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:237
+#: sssd.conf.5.xml:300
msgid "default_domain_suffix (string)"
msgstr "default_domain_suffix (Zeichenkette)"
# FIXME s/is environments/are environments/
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:240
+#: sssd.conf.5.xml:303
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -519,7 +616,7 @@ msgstr ""
"ihrem Benutzernamen ohne auch eine Domain anzugeben."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:250
+#: sssd.conf.5.xml:313
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
@@ -529,15 +626,14 @@ msgstr ""
"benutzer@domain.name verwenden müssen."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383
-#: sssd-ldap.5.xml:1465 sssd-ldap.5.xml:2346 sssd-ldap.5.xml:2373
-#: sssd-krb5.5.xml:408 include/ldap_id_mapping.xml:145
-#: include/ldap_id_mapping.xml:156
+#: sssd.conf.5.xml:319 sssd-ldap.5.xml:662 sssd-ldap.5.xml:1440
+#: sssd-ldap.5.xml:1452 sssd-ldap.5.xml:1534 sssd-krb5.5.xml:401
+#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214
msgid "Default: not set"
msgstr "Voreinstellung: nicht gesetzt"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:64
+#: sssd.conf.5.xml:126
msgid ""
"Individual pieces of SSSD functionality are provided by special SSSD "
"services that are started and stopped together with SSSD. The services are "
@@ -554,13 +650,13 @@ msgstr ""
"verwendet. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:267
+#: sssd.conf.5.xml:330
msgid "SERVICES SECTIONS"
msgstr "DIENSTABSCHNITTE"
# FIXME s/</quote>/</quote>./
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:269
+#: sssd.conf.5.xml:332
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -573,85 +669,22 @@ msgstr ""
"Abschnitt zum Beispiel <quote>[nss]</quote>."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:276
+#: sssd.conf.5.xml:339
msgid "General service configuration options"
msgstr "Allgemeine Optionen zum Konfigurieren von Diensten"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:278
+#: sssd.conf.5.xml:341
msgid "These options can be used to configure any service."
msgstr "Diese Optionen können zur Konfiguration jedes Dienstes benutzt werden."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:282
-msgid "debug_level (integer)"
-msgstr "debug_level (Ganzzahl)"
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:286
-msgid "debug_timestamps (bool)"
-msgstr "debug_timestamps (Boolesch)"
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:289
-msgid "Add a timestamp to the debug messages"
-msgstr "fügt den Debug-Nachrichten einen Zeitstempel hinzu"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819
-#: sssd-ldap.5.xml:1538 sssd-ldap.5.xml:1635 sssd-ldap.5.xml:1692
-#: sssd-ldap.5.xml:2134 sssd-ldap.5.xml:2199 sssd-ldap.5.xml:2217
-#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:161 sssd-ad.5.xml:186
-#: sssd-ad.5.xml:274 sssd-krb5.5.xml:497
-msgid "Default: true"
-msgstr "Voreinstellung: »true«"
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:297
-msgid "debug_microseconds (bool)"
-msgstr "debug_microseconds (Boolesch)"
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:300
-msgid "Add microseconds to the timestamp in debug messages"
-msgstr "fügt dem Zeitstempel der Debug-Nachrichten Mikrosekunden hinzu"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1750
-#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431
-#: sssd-ldap.5.xml:1607 sssd-ldap.5.xml:1930 sssd-ipa.5.xml:139
-#: sssd-ipa.5.xml:205 sssd-ipa.5.xml:474 sssd-ipa.5.xml:492
-#: sssd-krb5.5.xml:264 sssd-krb5.5.xml:298 sssd-krb5.5.xml:469
-msgid "Default: false"
-msgstr "Voreinstellung: »false«"
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:308
-msgid "timeout (integer)"
-msgstr "timeout (Ganzzahl)"
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:311
-msgid ""
-"Timeout in seconds between heartbeats for this service. This is used to "
-"ensure that the process is alive and capable of answering requests."
-msgstr ""
-"Zeitüberschreitung in Sekunden zwischen Herzschlägen dieses Dienstes. Dies "
-"dient dazu, sicherzustellen, dass ein Prozess läuft und in der Lage ist, "
-"Anfragen zu beantworten."
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283
-msgid "Default: 10"
-msgstr "Voreinstellung: 10"
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:334
+#: sssd.conf.5.xml:358
msgid "fd_limit"
msgstr "fd_limit"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:337
+#: sssd.conf.5.xml:361
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -667,17 +700,17 @@ msgstr ""
"Begrenzung in der »limit.conf« sein."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:346
+#: sssd.conf.5.xml:370
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr "Voreinstellung: 8192 (oder die »harte« Begrenzung der »limit.conf«)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:351
+#: sssd.conf.5.xml:375
msgid "client_idle_timeout"
msgstr "client_idle_timeout"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:354
+#: sssd.conf.5.xml:378
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
@@ -689,18 +722,19 @@ msgstr ""
"des Systems blockiert werden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591
-#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1113
+#: sssd.conf.5.xml:385 sssd.conf.5.xml:401 sssd.conf.5.xml:415
+#: sssd.conf.5.xml:631 sssd.conf.5.xml:791 sssd.conf.5.xml:1054
+#: sssd-ldap.5.xml:1182
msgid "Default: 60"
msgstr "Voreinstellung: 60"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:366 sssd.conf.5.xml:1003
+#: sssd.conf.5.xml:390 sssd.conf.5.xml:1043
msgid "force_timeout (integer)"
msgstr "force_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:369 sssd.conf.5.xml:1006
+#: sssd.conf.5.xml:393 sssd.conf.5.xml:1046
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -714,14 +748,29 @@ msgstr ""
"Sekunden beendet, wird der Monitor sein Beenden durch Senden des Signals "
"SIGKILL erzwingen."
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:406
+#, fuzzy
+#| msgid "force_timeout (integer)"
+msgid "offline_timeout (integer)"
+msgstr "force_timeout (Ganzzahl)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:409
+msgid ""
+"If SSSD is in offline mode, and last attempt to go online was less than "
+"number of seconds specified in this option ago, new requests for data will "
+"not result in attempt to go online."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:385
+#: sssd.conf.5.xml:424
msgid "NSS configuration options"
msgstr "NSS-Konfigurationsoptionen"
# FIXME s/(NSS) /(NSS)/
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:387
+#: sssd.conf.5.xml:426
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
@@ -729,13 +778,13 @@ msgstr ""
"benutzt werden"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:392
+#: sssd.conf.5.xml:431
msgid "enum_cache_timeout (integer)"
msgstr "enum_cache_timeout (Ganzzahl)"
# FIXME s/users)/users)?/
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:395
+#: sssd.conf.5.xml:434
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
@@ -744,17 +793,17 @@ msgstr ""
"über alle Nutzer) zwischenspeichern?"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:399
+#: sssd.conf.5.xml:438
msgid "Default: 120"
msgstr "Voreinstellung: 120"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:404
+#: sssd.conf.5.xml:443
msgid "entry_cache_nowait_percentage (integer)"
msgstr "entry_cache_nowait_percentage (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:407
+#: sssd.conf.5.xml:446
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -766,7 +815,7 @@ msgstr ""
"werden."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:413
+#: sssd.conf.5.xml:452
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -783,7 +832,7 @@ msgstr ""
"Zwischenspeicheraktualisierung zu warten."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:423
+#: sssd.conf.5.xml:462
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -796,17 +845,17 @@ msgstr ""
"Sekunden senken. (0 schaltet diese Funktionalität aus.)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:431
+#: sssd.conf.5.xml:470
msgid "Default: 50"
msgstr "Voreinstellung: 50"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:436
+#: sssd.conf.5.xml:475
msgid "entry_negative_timeout (integer)"
msgstr "entry_negative_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:439
+#: sssd.conf.5.xml:478
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -818,17 +867,17 @@ msgstr ""
"Backend erneut gefragt wird)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:445 sssd.conf.5.xml:797
+#: sssd.conf.5.xml:484 sssd.conf.5.xml:837
msgid "Default: 15"
msgstr "Voreinstellung: 15"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:450
+#: sssd.conf.5.xml:489
msgid "filter_users, filter_groups (string)"
msgstr "filter_users, filter_groups (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:453
+#: sssd.conf.5.xml:492
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -841,17 +890,17 @@ msgstr ""
"von einer bestimmten Domain herauszufiltern."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:460
+#: sssd.conf.5.xml:499
msgid "Default: root"
msgstr "Voreinstellung: root"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:465
+#: sssd.conf.5.xml:504
msgid "filter_users_in_groups (bool)"
msgstr "filter_users_in_groups (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:468
+#: sssd.conf.5.xml:507
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
@@ -859,12 +908,12 @@ msgstr ""
"setzen Sie diese Option auf »false«."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:478
+#: sssd.conf.5.xml:517
msgid "fallback_homedir (string)"
msgstr "fallback_homedir (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481
+#: sssd.conf.5.xml:520
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
@@ -873,7 +922,7 @@ msgstr ""
"es nicht explizit durch den Datenanbieter der Domain angegeben wurde."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:486
+#: sssd.conf.5.xml:525
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
@@ -881,55 +930,66 @@ msgstr ""
"»override_homedir«."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:492
-#, no-wrap
+#: sssd.conf.5.xml:531
+#, fuzzy, no-wrap
+#| msgid ""
+#| "override_homedir = /home/%u\n"
+#| " "
msgid ""
-"override_homedir = /home/%u\n"
+"fallback_homedir = /home/%u\n"
" "
msgstr ""
"override_homedir = /home/%u\n"
" "
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:490 include/override_homedir.xml:44
+#: sssd.conf.5.xml:529 include/override_homedir.xml:44
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "Beispiel: <placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:496
+#: sssd.conf.5.xml:535
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
"Voreinstellung: nicht gesetzt (kein Ersetzen nicht gesetzter Home-"
"Verzeichnisse)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:502
+#: sssd.conf.5.xml:541
msgid "override_shell (string)"
msgstr "override_shell (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:505
+#: sssd.conf.5.xml:544
+#, fuzzy
+#| msgid ""
+#| "The default shell to use if the provider does not return one during "
+#| "lookup. This option supersedes any other shell options if it takes effect "
+#| "and can be set either in the [nss] section or per-domain."
msgid ""
-"Override the login shell for all users. This option can be specified "
-"globally in the [nss] section or per-domain."
+"Override the login shell for all users. This option supersedes any other "
+"shell options if it takes effect and can be set either in the [nss] section "
+"or per-domain."
msgstr ""
-"setzt die Anmelde-Shell für alle Benutzer außer Kraft. Diese Option kann "
-"global im Abschnitt [nss] oder pro Domain angegeben werden."
+"Die Standard-Shell, die benutzt werden soll, falls der Anbieter während des "
+"Nachschlagens keine zurückliefert. Tritt sie in Kraft, ersetzt diese Option "
+"alle anderen Shell-Optionen. Sie kann entweder im Abschnitt [nss] oder pro "
+"Domain gesetzt werden."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:510
+#: sssd.conf.5.xml:550
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
"Voreinstellung: nicht gesetzt (SSSD wird den von LDAP erhaltenen Wert "
"benutzen)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:516
+#: sssd.conf.5.xml:556
msgid "allowed_shells (string)"
msgstr "allowed_shells (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:519
+#: sssd.conf.5.xml:559
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
@@ -937,12 +997,12 @@ msgstr ""
"Reihenfolge der Auswertung ist:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:562
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr "1. Falls die Shell in »/etc/shells« vorhanden ist, wird sie benutzt."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:526
+#: sssd.conf.5.xml:566
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
@@ -951,7 +1011,7 @@ msgstr ""
"shells« steht, wird der Wert des Parameters »shell_fallback« verwendet."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:531
+#: sssd.conf.5.xml:571
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
@@ -960,13 +1020,13 @@ msgstr ""
"steht, wird eine Nicht-Login-Shell benutzt."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:536
+#: sssd.conf.5.xml:576
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
"Eine leere Zeichenkette als Shell wird so wie sie ist an Libc übergeben."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:539
+#: sssd.conf.5.xml:579
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
@@ -975,28 +1035,28 @@ msgstr ""
"Fall einer neu installierten Shell ein Neustart von SSSD nötig ist."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:543
+#: sssd.conf.5.xml:583
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
"Voreinstellung: nicht gesetzt. Die Benutzer-Shell wird automatisch verwendet."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:548
+#: sssd.conf.5.xml:588
msgid "vetoed_shells (string)"
msgstr "vetoed_shells (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:551
+#: sssd.conf.5.xml:591
msgid "Replace any instance of these shells with the shell_fallback"
msgstr "ersetzt jedwede Instanz dieser Shells durch die aus »shell_fallback«."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:556
+#: sssd.conf.5.xml:596
msgid "shell_fallback (string)"
msgstr "shell_fallback (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:559
+#: sssd.conf.5.xml:599
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
@@ -1004,21 +1064,25 @@ msgstr ""
"auf dem Rechner installiert ist."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:563
+#: sssd.conf.5.xml:603
msgid "Default: /bin/sh"
msgstr "Voreinstellung: /bin/sh"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:568
+#: sssd.conf.5.xml:608
msgid "default_shell"
msgstr "default_shell"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:571
+#: sssd.conf.5.xml:611
+#, fuzzy
+#| msgid ""
+#| "The default shell to use if the provider does not return one during "
+#| "lookup. This option supersedes any other shell options if it takes effect "
+#| "and can be set either in the [nss] section or per-domain."
msgid ""
"The default shell to use if the provider does not return one during lookup. "
-"This option supersedes any other shell options if it takes effect and can be "
-"set either in the [nss] section or per-domain."
+"This option can be specified globally in the [nss] section or per-domain."
msgstr ""
"Die Standard-Shell, die benutzt werden soll, falls der Anbieter während des "
"Nachschlagens keine zurückliefert. Tritt sie in Kraft, ersetzt diese Option "
@@ -1026,7 +1090,7 @@ msgstr ""
"Domain gesetzt werden."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:577
+#: sssd.conf.5.xml:617
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
@@ -1036,13 +1100,13 @@ msgstr ""
"Vernünftiges, üblicherweise /bin/sh, ersetzt.)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:584 sssd.conf.5.xml:744
+#: sssd.conf.5.xml:624 sssd.conf.5.xml:784
msgid "get_domains_timeout (int)"
msgstr "get_domains_timeout (Ganzzahl)"
# http://de.wikipedia.org/wiki/Domain_%28Internet%29
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:587 sssd.conf.5.xml:747
+#: sssd.conf.5.xml:627 sssd.conf.5.xml:787
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
@@ -1051,12 +1115,12 @@ msgstr ""
"gültig erachtet wird."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:596
+#: sssd.conf.5.xml:636
msgid "memcache_timeout (int)"
msgstr "memcache_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:599
+#: sssd.conf.5.xml:639
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
@@ -1065,17 +1129,17 @@ msgstr ""
"Zwischenspeicher als gültig erachtet werden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:603 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:643 sssd-ldap.5.xml:702
msgid "Default: 300"
msgstr "Voreinstellung: 300"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:610
+#: sssd.conf.5.xml:650
msgid "PAM configuration options"
msgstr "PAM-Konfigurationsoptionen"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:612
+#: sssd.conf.5.xml:652
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
@@ -1084,12 +1148,12 @@ msgstr ""
"Authentication Module« (PAM) einzurichten."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:617
+#: sssd.conf.5.xml:657
msgid "offline_credentials_expiration (integer)"
msgstr "offline_credentials_expiration (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:620
+#: sssd.conf.5.xml:660
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
@@ -1099,17 +1163,17 @@ msgstr ""
"erfolgreichen Anmeldung)?"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:625 sssd.conf.5.xml:638
+#: sssd.conf.5.xml:665 sssd.conf.5.xml:678
msgid "Default: 0 (No limit)"
msgstr "Voreinstellung: 0 (unbegrenzt)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:631
+#: sssd.conf.5.xml:671
msgid "offline_failed_login_attempts (integer)"
msgstr "offline_failed_login_attempts (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:634
+#: sssd.conf.5.xml:674
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
@@ -1118,12 +1182,12 @@ msgstr ""
"Authentifizierungsanbieter offline ist?"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:644
+#: sssd.conf.5.xml:684
msgid "offline_failed_login_delay (integer)"
msgstr "offline_failed_login_delay (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:647
+#: sssd.conf.5.xml:687
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
@@ -1133,7 +1197,7 @@ msgstr ""
"Anmeldeversuch möglich ist"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:652
+#: sssd.conf.5.xml:692
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1145,17 +1209,17 @@ msgstr ""
"Authentifizierung reaktivieren."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:658 sssd.conf.5.xml:711
+#: sssd.conf.5.xml:698 sssd.conf.5.xml:751
msgid "Default: 5"
msgstr "Voreinstellung: 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:664
+#: sssd.conf.5.xml:704
msgid "pam_verbosity (integer)"
msgstr "pam_verbosity (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:667
+#: sssd.conf.5.xml:707
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
@@ -1164,43 +1228,43 @@ msgstr ""
"angezeigt wird. Je höher die Zahl, desto mehr Nachrichten werden angezeigt."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:672
+#: sssd.conf.5.xml:712
msgid "Currently sssd supports the following values:"
msgstr "Derzeit unterstützt SSSD folgende Werte:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:675
+#: sssd.conf.5.xml:715
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr "<emphasis>0</emphasis>: keine Nachricht anzeigen"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:678
+#: sssd.conf.5.xml:718
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr "<emphasis>1</emphasis>: nur wichtige Nachrichten anzeigen"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:682
+#: sssd.conf.5.xml:722
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr "<emphasis>2</emphasis>: nur mitteilsame Nachrichten anzeigen"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:685
+#: sssd.conf.5.xml:725
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
"<emphasis>3</emphasis>: alle Nachrichten und Debug-Informationen anzeigen"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:689 sssd.8.xml:63
+#: sssd.conf.5.xml:729 sssd.8.xml:63
msgid "Default: 1"
msgstr "Voreinstellung: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:694
+#: sssd.conf.5.xml:734
msgid "pam_id_timeout (integer)"
msgstr "pam_id_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:697
+#: sssd.conf.5.xml:737
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1212,7 +1276,7 @@ msgstr ""
"neusten Informationen erfolgt."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:703
+#: sssd.conf.5.xml:743
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1226,17 +1290,17 @@ msgstr ""
"Abfragen der Identitätsanbieter zu vermeiden."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:717
+#: sssd.conf.5.xml:757
msgid "pam_pwd_expiration_warning (integer)"
msgstr "pam_pwd_expiration_warning (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:720 sssd.conf.5.xml:1164
+#: sssd.conf.5.xml:760 sssd.conf.5.xml:1217
msgid "Display a warning N days before the password expires."
msgstr "zeigt N Tage bevor das Passwort abläuft eine Warnung."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:723
+#: sssd.conf.5.xml:763
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1247,7 +1311,7 @@ msgstr ""
"SSSD keine Warnung anzeigen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:729 sssd.conf.5.xml:1167
+#: sssd.conf.5.xml:769 sssd.conf.5.xml:1220
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
@@ -1257,7 +1321,7 @@ msgstr ""
"automatisch angezeigt."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:734
+#: sssd.conf.5.xml:774
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
@@ -1266,28 +1330,28 @@ msgstr ""
"emphasis> für eine bestimmte Domain außer Kraft gesetzt werden."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:739 sssd.8.xml:79
+#: sssd.conf.5.xml:779 sssd.8.xml:79
msgid "Default: 0"
msgstr "Voreinstellung: 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:759
+#: sssd.conf.5.xml:799
msgid "SUDO configuration options"
msgstr "Sudo-Konfigurationsoptionen"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:761
+#: sssd.conf.5.xml:801
msgid "These options can be used to configure the sudo service."
msgstr ""
"Diese Optionen können zum Konfigurieren des Dienstes »sudo« benutzt werden."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:765
+#: sssd.conf.5.xml:805
msgid "sudo_timed (bool)"
msgstr "sudo_timed (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:768
+#: sssd.conf.5.xml:808
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
@@ -1297,23 +1361,23 @@ msgstr ""
"nicht."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:781
+#: sssd.conf.5.xml:821
msgid "AUTOFS configuration options"
msgstr "AUTOFS-Konfigurationsoptionen"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:783
+#: sssd.conf.5.xml:823
msgid "These options can be used to configure the autofs service."
msgstr ""
"Diese Optionen können zum Konfigurieren des Dienstes »autofs« benutzt werden."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:787
+#: sssd.conf.5.xml:827
msgid "autofs_negative_timeout (integer)"
msgstr "autofs_negative_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:790
+#: sssd.conf.5.xml:830
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1324,23 +1388,23 @@ msgstr ""
"nicht existierende), bevor das Backend erneut befragt wird."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:806
+#: sssd.conf.5.xml:846
msgid "SSH configuration options"
msgstr "SSH-Konfigurationsoptionen"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:808
+#: sssd.conf.5.xml:848
msgid "These options can be used to configure the SSH service."
msgstr ""
"Diese Optionen können zum Konfigurieren des SSH-Dienstes benutzt werden."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:852
msgid "ssh_hash_known_hosts (bool)"
msgstr "ssh_hash_known_hosts (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:815
+#: sssd.conf.5.xml:855
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
@@ -1349,12 +1413,12 @@ msgstr ""
"»known_hosts« zusammengemischt werden oder nicht."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:824
+#: sssd.conf.5.xml:864
msgid "ssh_known_hosts_timeout (integer)"
msgstr "ssh_known_hosts_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:827
+#: sssd.conf.5.xml:867
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
@@ -1363,18 +1427,18 @@ msgstr ""
"»known_hosts« behalten wird, bevor seine Rechnerschlüssel abgefragt werden."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:831
+#: sssd.conf.5.xml:871
msgid "Default: 180"
msgstr "Voreinstellung: 180"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:839
+#: sssd.conf.5.xml:879
msgid "PAC responder configuration options"
msgstr "PAC-Responder-Konfigurationsoptionen"
# http://de.wikipedia.org/wiki/Domain_Controller
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:841
+#: sssd.conf.5.xml:881
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1393,7 +1457,7 @@ msgstr ""
"ausgewertet wurde, werden einige der folgenden Transaktionen durchgeführt:"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:850
+#: sssd.conf.5.xml:890
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"determined with the help of the SID, trusted domains will have UPGs and the "
@@ -1411,7 +1475,7 @@ msgstr ""
"werden."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:858
+#: sssd.conf.5.xml:898
msgid ""
"If there are SIDs of groups from domains sssd knows about, the user will be "
"added to those groups."
@@ -1420,18 +1484,18 @@ msgstr ""
"diesen Gruppen hinzugefügt."
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:864
+#: sssd.conf.5.xml:904
msgid "These options can be used to configure the PAC responder."
msgstr ""
"Diese Optionen können zur Konfiguration des PAC-Responders verwendet werden."
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:868
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:908 sssd-ifp.5.xml:50
msgid "allowed_uids (string)"
msgstr "allowed_uids (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:871
+#: sssd.conf.5.xml:911
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1442,14 +1506,14 @@ msgstr ""
"beim Starten zu UIDs aufgelöst."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:877
+#: sssd.conf.5.xml:917
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
"Voreinstellung: 0 (Nur dem Benutzer Root ist der Zugriff auf den PAC-"
"Responder gestattet.)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:881
+#: sssd.conf.5.xml:921
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1462,18 +1526,18 @@ msgstr ""
"der Liste der erlaubten UIDs auch die 0 hinzufügen."
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:895
+#: sssd.conf.5.xml:935
msgid "DOMAIN SECTIONS"
msgstr "DOMAIN-ABSCHNITTE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:902
+#: sssd.conf.5.xml:942
msgid "min_id,max_id (integer)"
msgstr "min_id,max_id (Ganzzahl)"
# FIXME What ist »it« - the domain or the entry?
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:905
+#: sssd.conf.5.xml:945
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
@@ -1482,7 +1546,7 @@ msgstr ""
"enthält, der jenseits dieser Beschränkungen liegt, wird er ignoriert."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:910
+#: sssd.conf.5.xml:950
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1495,7 +1559,7 @@ msgstr ""
"werden jene, die im Bereich liegen, wie erwartet gemeldet."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:917
+#: sssd.conf.5.xml:957
msgid ""
"These ID limits affect even saving entries to cache, not only returning them "
"by name or ID."
@@ -1504,17 +1568,17 @@ msgstr ""
"den Zwischenspeicher und nicht nur ihre Rückgabe über Name oder ID."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:921
+#: sssd.conf.5.xml:961
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr "Voreinstellung: 1 für »min_id«, 0 (keine Beschränkung) für »max_id«"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:927
+#: sssd.conf.5.xml:967
msgid "enumerate (bool)"
msgstr "enumerate (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:930
+#: sssd.conf.5.xml:970
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
@@ -1523,23 +1587,23 @@ msgstr ""
"der folgenden Werte haben:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:934
+#: sssd.conf.5.xml:974
msgid "TRUE = Users and groups are enumerated"
msgstr "TRUE = Benutzer und Gruppen werden aufgezählt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:937
+#: sssd.conf.5.xml:977
msgid "FALSE = No enumerations for this domain"
msgstr "FALSE = keine Aufzählungen für diese Domain"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:940 sssd.conf.5.xml:1141 sssd.conf.5.xml:1250
-#: sssd.conf.5.xml:1267
+#: sssd.conf.5.xml:980 sssd.conf.5.xml:1194 sssd.conf.5.xml:1303
+#: sssd.conf.5.xml:1320
msgid "Default: FALSE"
msgstr "Voreinstellung: FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:943
+#: sssd.conf.5.xml:983
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1559,7 +1623,7 @@ msgstr ""
"die Mitgliedschaften neu berechnet werden müssen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:956
+#: sssd.conf.5.xml:996
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
@@ -1569,7 +1633,7 @@ msgstr ""
"Ergebnisse zurück."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:961
+#: sssd.conf.5.xml:1001
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1584,7 +1648,7 @@ msgstr ""
"benutzten »id_provider«."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:969
+#: sssd.conf.5.xml:1009
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
@@ -1593,32 +1657,32 @@ msgstr ""
"insbesondere in großen Umgebungen, nicht empfohlen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:977
+#: sssd.conf.5.xml:1017
msgid "subdomain_enumerate (string)"
msgstr "subdomain_enumerate (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:984
+#: sssd.conf.5.xml:1024
msgid "all"
msgstr "all"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:985
+#: sssd.conf.5.xml:1025
msgid "All discovered trusted domains will be enumerated"
msgstr "Alle gefundenen vertrauenswürdigen Domains werden aufgezählt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:988
+#: sssd.conf.5.xml:1028
msgid "none"
msgstr "none"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:989
+#: sssd.conf.5.xml:1029
msgid "No discovered trusted domains will be enumerated"
msgstr "Es werden keine gefundenen vertrauenswürdigen Domains aufgezählt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:980
+#: sssd.conf.5.xml:1020
msgid ""
"Whether any of autodetected trusted domains should be enumerated. The "
"supported values are: <placeholder type=\"variablelist\" id=\"0\"/> "
@@ -1632,17 +1696,17 @@ msgstr ""
"vertrauenswürdigen Domains aktivieren."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1666
+#: sssd.conf.5.xml:1037 sssd-ldap.5.xml:1735
msgid "Default: none"
msgstr "Voreinstellung: none"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1020
+#: sssd.conf.5.xml:1060
msgid "entry_cache_timeout (integer)"
msgstr "entry_cache_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1023
+#: sssd.conf.5.xml:1063
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
@@ -1651,17 +1715,28 @@ msgstr ""
"soll, bevor das Backend erneut abgefragt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1027
+#: sssd.conf.5.xml:1067
+msgid ""
+"The cache expiration timestamps are stored as attributes of individual "
+"objects in the cache. Therefore, changing the cache timeout only has effect "
+"for newly added or expired entries. You should run the <citerefentry> "
+"<refentrytitle>sss_cache</refentrytitle> <manvolnum>8</manvolnum> </"
+"citerefentry> tool in order to force refresh of entries that have already "
+"been cached."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1080
msgid "Default: 5400"
msgstr "Voreinstellung: 5400"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1033
+#: sssd.conf.5.xml:1086
msgid "entry_cache_user_timeout (integer)"
msgstr "entry_cache_user_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1036
+#: sssd.conf.5.xml:1089
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
@@ -1670,18 +1745,18 @@ msgstr ""
"betrachten soll, bevor das Backend erneut abgefragt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1040 sssd.conf.5.xml:1053 sssd.conf.5.xml:1066
-#: sssd.conf.5.xml:1079 sssd.conf.5.xml:1092 sssd.conf.5.xml:1106
+#: sssd.conf.5.xml:1093 sssd.conf.5.xml:1106 sssd.conf.5.xml:1119
+#: sssd.conf.5.xml:1132 sssd.conf.5.xml:1145 sssd.conf.5.xml:1159
msgid "Default: entry_cache_timeout"
msgstr "Voreinstellung: entry_cache_timeout"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1046
+#: sssd.conf.5.xml:1099
msgid "entry_cache_group_timeout (integer)"
msgstr "entry_cache_group_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1049
+#: sssd.conf.5.xml:1102
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
@@ -1690,12 +1765,12 @@ msgstr ""
"betrachten soll, bevor das Backend erneut abgefragt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1112
msgid "entry_cache_netgroup_timeout (integer)"
msgstr "entry_cache_netgroup_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1062
+#: sssd.conf.5.xml:1115
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
@@ -1704,12 +1779,12 @@ msgstr ""
"betrachten soll, bevor das Backend erneut abgefragt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1072
+#: sssd.conf.5.xml:1125
msgid "entry_cache_service_timeout (integer)"
msgstr "entry_cache_service_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1075
+#: sssd.conf.5.xml:1128
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
@@ -1718,12 +1793,12 @@ msgstr ""
"betrachten soll, bevor das Backend erneut abgefragt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1085
+#: sssd.conf.5.xml:1138
msgid "entry_cache_sudo_timeout (integer)"
msgstr "entry_cache_sudo_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1088
+#: sssd.conf.5.xml:1141
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
@@ -1732,12 +1807,12 @@ msgstr ""
"bevor das Backend erneut abgefragt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1098
+#: sssd.conf.5.xml:1151
msgid "entry_cache_autofs_timeout (integer)"
msgstr "entry_cache_autofs_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1101
+#: sssd.conf.5.xml:1154
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
@@ -1747,12 +1822,12 @@ msgstr ""
"wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1112
+#: sssd.conf.5.xml:1165
msgid "refresh_expired_interval (integer)"
msgstr "refresh_expired_interval (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1115
+#: sssd.conf.5.xml:1168
msgid ""
"Specifies how many seconds SSSD has to wait before refreshing expired "
"records. Currently only refreshing expired netgroups is supported."
@@ -1762,43 +1837,43 @@ msgstr ""
"Netzgruppen unterstützt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1120
+#: sssd.conf.5.xml:1173
msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
msgstr ""
"Sie können in Betracht ziehen, diesen Wert auf 3/4 * entry_cache_timeout zu "
"setzen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1124 sssd-ipa.5.xml:221
+#: sssd.conf.5.xml:1177 sssd-ipa.5.xml:221
msgid "Default: 0 (disabled)"
msgstr "Voreinstellung: 0 (deaktiviert)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1130
+#: sssd.conf.5.xml:1183
msgid "cache_credentials (bool)"
msgstr "cache_credentials (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1133
+#: sssd.conf.5.xml:1186
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
"bestimmt, ob auch Benutzerberechtigungen im lokalen LDB-Zwischenspeicher "
"zwischengespeichert werden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1137
+#: sssd.conf.5.xml:1190
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
"Benutzerberechtigungen werden in einem SHA512-Hash, nicht im Klartext "
"gespeichert."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1146
+#: sssd.conf.5.xml:1199
msgid "account_cache_expiration (integer)"
msgstr "account_cache_expiration (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1149
+#: sssd.conf.5.xml:1202
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1811,17 +1886,17 @@ msgstr ""
"Parameters muss größer oder gleich »offline_credentials_expiration« sein."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1156
+#: sssd.conf.5.xml:1209
msgid "Default: 0 (unlimited)"
msgstr "Voreinstellung: 0 (unbegrenzt)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1161
+#: sssd.conf.5.xml:1214
msgid "pwd_expiration_warning (integer)"
msgstr "pwd_expiration_warning (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1172
+#: sssd.conf.5.xml:1225
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1834,17 +1909,17 @@ msgstr ""
"Authentifizierungsanbieter konfiguriert werden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1179
+#: sssd.conf.5.xml:1232
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr "Voreinstellung: 7 (Kerberos), 0 (LDAP)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1185
+#: sssd.conf.5.xml:1238
msgid "id_provider (string)"
msgstr "id_provider (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1188
+#: sssd.conf.5.xml:1241
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
@@ -1852,17 +1927,17 @@ msgstr ""
"werden unterstützt:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1192
+#: sssd.conf.5.xml:1245
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr "»proxy«: unterstützt einen veralteten NSS-Anbieter."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1195
+#: sssd.conf.5.xml:1248
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr "»local«: SSSDs interner Anbieter für lokale Benutzer"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1199
+#: sssd.conf.5.xml:1252
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1873,8 +1948,8 @@ msgstr ""
"<manvolnum>5</manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1207 sssd.conf.5.xml:1293 sssd.conf.5.xml:1344
-#: sssd.conf.5.xml:1397
+#: sssd.conf.5.xml:1260 sssd.conf.5.xml:1346 sssd.conf.5.xml:1397
+#: sssd.conf.5.xml:1450
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1887,8 +1962,8 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1216 sssd.conf.5.xml:1302 sssd.conf.5.xml:1353
-#: sssd.conf.5.xml:1406
+#: sssd.conf.5.xml:1269 sssd.conf.5.xml:1355 sssd.conf.5.xml:1406
+#: sssd.conf.5.xml:1459
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1900,12 +1975,12 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1227
+#: sssd.conf.5.xml:1280
msgid "use_fully_qualified_names (bool)"
msgstr "use_fully_qualified_names (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1230
+#: sssd.conf.5.xml:1283
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
@@ -1915,7 +1990,7 @@ msgstr ""
"Benutzers, der an NSS gemeldet wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1235
+#: sssd.conf.5.xml:1288
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1929,7 +2004,7 @@ msgstr ""
"test@LOCAL</command> würde ihn hingegen finden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1243
+#: sssd.conf.5.xml:1296
msgid ""
"NOTE: This option has no effect on netgroup lookups due to their tendency to "
"include nested netgroups without qualified names. For netgroups, all domains "
@@ -1941,17 +2016,17 @@ msgstr ""
"durchsucht, wenn ein nicht qualifizierter Name abgefragt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1255
+#: sssd.conf.5.xml:1308
msgid "ignore_group_members (bool)"
msgstr "ignore_group_members (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1258
+#: sssd.conf.5.xml:1311
msgid "Do not return group members for group lookups."
msgstr "gibt beim Nachschlagen der Gruppe nicht die Gruppenmitglieder zurück."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1261
+#: sssd.conf.5.xml:1314
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1962,12 +2037,12 @@ msgstr ""
"verarbeitet werden, werden die Gruppenmitglieder nicht zurückgegeben."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1272
+#: sssd.conf.5.xml:1325
msgid "auth_provider (string)"
msgstr "auth_provider (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1275
+#: sssd.conf.5.xml:1328
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
@@ -1976,7 +2051,7 @@ msgstr ""
"Authentifizierungsanbieter werden unterstützt:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1279 sssd.conf.5.xml:1337
+#: sssd.conf.5.xml:1332 sssd.conf.5.xml:1390
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1987,7 +2062,7 @@ msgstr ""
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1286
+#: sssd.conf.5.xml:1339
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1999,19 +2074,19 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1310
+#: sssd.conf.5.xml:1363
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
"»proxy« zur Weitergabe der Authentifizierung an irgendein anderes PAM-Ziel"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1313
+#: sssd.conf.5.xml:1366
msgid "<quote>none</quote> disables authentication explicitly."
msgstr "»none« deaktiviert explizit die Authentifizierung."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1316
+#: sssd.conf.5.xml:1369
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
@@ -2020,13 +2095,13 @@ msgstr ""
"mit Authentifizierungsanfragen umgehen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1322
+#: sssd.conf.5.xml:1375
msgid "access_provider (string)"
msgstr "access_provider (Zeichenkette)"
# FIXME s/backends)/backends)./
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1325
+#: sssd.conf.5.xml:1378
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -2037,7 +2112,7 @@ msgstr ""
"Backends enthalten sind). Interne Spezialanbieter sind:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1331
+#: sssd.conf.5.xml:1384
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
@@ -2046,12 +2121,12 @@ msgstr ""
"für eine lokale Domain."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1334
+#: sssd.conf.5.xml:1387
msgid "<quote>deny</quote> always deny access."
msgstr "»deny« verweigert dem Zugriff immer."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1361
+#: sssd.conf.5.xml:1414
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -2064,17 +2139,17 @@ msgstr ""
"simple</refentrytitle> <manvolnum>5</manvolnum></citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1368
+#: sssd.conf.5.xml:1421
msgid "Default: <quote>permit</quote>"
msgstr "Voreinstellung: »permit«"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1373
+#: sssd.conf.5.xml:1426
msgid "chpass_provider (string)"
msgstr "chpass_provider (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1376
+#: sssd.conf.5.xml:1429
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
@@ -2083,7 +2158,7 @@ msgstr ""
"Folgende Anbieter von Passwortänderungen werden unterstützt:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1381
+#: sssd.conf.5.xml:1434
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -2095,7 +2170,7 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1389
+#: sssd.conf.5.xml:1442
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2107,19 +2182,19 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1414
+#: sssd.conf.5.xml:1467
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
"»proxy« zur Weitergabe der Passwortänderung an irgendein anderes PAM-Ziel"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1418
+#: sssd.conf.5.xml:1471
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr "»none« verbietet explizit Passwortänderungen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1421
+#: sssd.conf.5.xml:1474
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
@@ -2128,19 +2203,19 @@ msgstr ""
"kann mit Passwortänderungsanfragen umgehen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1428
+#: sssd.conf.5.xml:1481
msgid "sudo_provider (string)"
msgstr "sudo_provider (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1431
+#: sssd.conf.5.xml:1484
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
"der für diese Domain benutzte Sudo-Anbieter. Folgende Sudo-Anbieter werden "
"unterstützt:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1435
+#: sssd.conf.5.xml:1488
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2151,24 +2226,38 @@ msgstr ""
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1442
+#: sssd.conf.5.xml:1496
+msgid ""
+"<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default "
+"settings."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1500
+msgid ""
+"<quote>ad</quote> the same as <quote>ldap</quote> but with AD default "
+"settings."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1504
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr "»none« deaktiviert explizit Sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1445 sssd.conf.5.xml:1499 sssd.conf.5.xml:1531
-#: sssd.conf.5.xml:1556
+#: sssd.conf.5.xml:1507 sssd.conf.5.xml:1561 sssd.conf.5.xml:1593
+#: sssd.conf.5.xml:1618
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
"Voreinstellung: Falls gesetzt, wird der Wert von »id_provider« benutzt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1451
+#: sssd.conf.5.xml:1513
msgid "selinux_provider (string)"
msgstr "selinux_provider (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1454
+#: sssd.conf.5.xml:1516
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -2179,7 +2268,7 @@ msgstr ""
"Zugriffsanbieter beendet hat. Folgende SELinux-Anbieter werden unterstützt:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1460
+#: sssd.conf.5.xml:1522
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2191,12 +2280,12 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1468
+#: sssd.conf.5.xml:1530
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr "»none« verbietet explizit das Abholen von SELinux-Einstellungen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1471
+#: sssd.conf.5.xml:1533
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
@@ -2205,12 +2294,12 @@ msgstr ""
"kann SELinux-Ladeanfragen handhaben."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1477
+#: sssd.conf.5.xml:1539
msgid "subdomains_provider (string)"
msgstr "subdomains_provider (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1480
+#: sssd.conf.5.xml:1542
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
@@ -2220,7 +2309,7 @@ msgstr ""
"werden unterstützt:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1486
+#: sssd.conf.5.xml:1548
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2232,17 +2321,17 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1495
+#: sssd.conf.5.xml:1557
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr "»none« deaktiviert explizit das Abholen von Subdomains."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1506
+#: sssd.conf.5.xml:1568
msgid "autofs_provider (string)"
msgstr "autofs_provider (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1509
+#: sssd.conf.5.xml:1571
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
@@ -2250,7 +2339,7 @@ msgstr ""
"»autofs« werden unterstützt:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1513
+#: sssd.conf.5.xml:1575
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2262,7 +2351,7 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1520
+#: sssd.conf.5.xml:1582
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2274,17 +2363,17 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1528
+#: sssd.conf.5.xml:1590
msgid "<quote>none</quote> disables autofs explicitly."
msgstr "»none« deaktiviert explizit »autofs«."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1538
+#: sssd.conf.5.xml:1600
msgid "hostid_provider (string)"
msgstr "hostid_provider (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1541
+#: sssd.conf.5.xml:1603
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
@@ -2293,7 +2382,7 @@ msgstr ""
"wird. Folgende Anbieter von »hostid« werden unterstützt:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1545
+#: sssd.conf.5.xml:1607
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2305,12 +2394,12 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1553
+#: sssd.conf.5.xml:1615
msgid "<quote>none</quote> disables hostid explicitly."
msgstr "»none« deaktiviert explizit »hostid«."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1566
+#: sssd.conf.5.xml:1628
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components. The \"domain\" can "
@@ -2325,7 +2414,7 @@ msgstr ""
"(NetBIOS-) Namen der Domain entsprechen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1575
+#: sssd.conf.5.xml:1637
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -2337,22 +2426,22 @@ msgstr ""
"P&lt;Name&gt;[^@\\\\]+)$))« "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1580
+#: sssd.conf.5.xml:1642
msgid "username"
msgstr "Benutzername"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1583
+#: sssd.conf.5.xml:1645
msgid "username@domain.name"
msgstr "Benutzername@Domain.Name"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1586
+#: sssd.conf.5.xml:1648
msgid "domain\\username"
msgstr "Domain\\Benutzername"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1589
+#: sssd.conf.5.xml:1651
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
@@ -2362,7 +2451,7 @@ msgstr ""
"Windows-Domains zu ermöglichen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1594
+#: sssd.conf.5.xml:1656
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2372,7 +2461,7 @@ msgstr ""
"bedeutet »der Name ist alles bis zum »@«-Zeichen, die Domain alles danach«"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1600
+#: sssd.conf.5.xml:1662
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -2384,7 +2473,7 @@ msgstr ""
"eindeutig benannte Musterteile unterstützen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1607
+#: sssd.conf.5.xml:1669
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
@@ -2393,17 +2482,17 @@ msgstr ""
"Beschriftungsmusterteile nur die Python-Syntax (?P&lt;Name&gt;)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1654
+#: sssd.conf.5.xml:1716
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "Voreinstellung: »%1$s@%2$s«"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1660
+#: sssd.conf.5.xml:1722
msgid "lookup_family_order (string)"
msgstr "lookup_family_order (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1663
+#: sssd.conf.5.xml:1725
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
@@ -2411,46 +2500,46 @@ msgstr ""
"ermöglicht es, die bei DNS-Abfragen zu bevorzugende Adressfamilie zu wählen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1667
+#: sssd.conf.5.xml:1729
msgid "Supported values:"
msgstr "unterstützte Werte:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1670
+#: sssd.conf.5.xml:1732
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
"ipv4_first: versucht die IPv4- und, falls dies fehlschlägt, die IPv6-Adresse "
"nachzuschlagen"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1735
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr "ipv4_only: versucht, nur Rechnernamen zu IPv4-Adressen aufzulösen"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1676
+#: sssd.conf.5.xml:1738
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
"ipv6_first: versucht die IPv6- und, falls dies fehlschlägt, die IPv4-Adresse "
"nachzuschlagen"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1679
+#: sssd.conf.5.xml:1741
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr "ipv6_only: versucht, nur Rechnernamen zu IPv6-Adressen aufzulösen"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1682
+#: sssd.conf.5.xml:1744
msgid "Default: ipv4_first"
msgstr "Voreinstellung: ipv4_first"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1688
+#: sssd.conf.5.xml:1750
msgid "dns_resolver_timeout (integer)"
msgstr "dns_resolver_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1691
+#: sssd.conf.5.xml:1753
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2462,18 +2551,18 @@ msgstr ""
"Offline-Modus arbeiten."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1697 sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139
-#: sssd-ldap.5.xml:1154 sssd-krb5.5.xml:246
+#: sssd.conf.5.xml:1759 sssd-ldap.5.xml:1166 sssd-ldap.5.xml:1208
+#: sssd-ldap.5.xml:1223 sssd-krb5.5.xml:239
msgid "Default: 6"
msgstr "Voreinstellung: 6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1703
+#: sssd.conf.5.xml:1765
msgid "dns_discovery_domain (string)"
msgstr "dns_discovery_domain (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1706
+#: sssd.conf.5.xml:1768
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
@@ -2482,27 +2571,27 @@ msgstr ""
"DNS-Dienstabfrage an."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1710
+#: sssd.conf.5.xml:1772
msgid "Default: Use the domain part of machine's hostname"
msgstr "Voreinstellung: Der Domain-Teil des Rechnernamens wird benutzt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1716
+#: sssd.conf.5.xml:1778
msgid "override_gid (integer)"
msgstr "override_gid (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1719
+#: sssd.conf.5.xml:1781
msgid "Override the primary GID value with the one specified."
msgstr "überschreibt die Haupt-GID mit der angegebenen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1725
+#: sssd.conf.5.xml:1787
msgid "case_sensitive (boolean)"
msgstr "case_sensitive (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1728
+#: sssd.conf.5.xml:1790
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
@@ -2511,17 +2600,17 @@ msgstr ""
"Im Moment wird diese Option nicht vom lokalen Anbieter unterstützt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1733 sssd-ad.5.xml:244
+#: sssd.conf.5.xml:1795 sssd-ad.5.xml:397
msgid "Default: True"
msgstr "Voreinstellung: True"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1739
+#: sssd.conf.5.xml:1801
msgid "proxy_fast_alias (boolean)"
msgstr "proxy_fast_alias (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1742
+#: sssd.conf.5.xml:1804
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2535,28 +2624,35 @@ msgstr ""
"veranlassen, die ID im Zwischenspeicher nachzuschlagen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1756
+#: sssd.conf.5.xml:1818
msgid "subdomain_homedir (string)"
msgstr "subdomain_homedir (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1766
+#: sssd.conf.5.xml:1829
msgid "%F"
msgstr "%F"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1767
+#: sssd.conf.5.xml:1830
msgid "flat (NetBIOS) name of a subdomain."
msgstr "flacher (NetBIOS-) Name einer Subdomain"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1759
-msgid ""
-"Use this homedir as default value for all subdomains within this domain. See "
-"<emphasis>override_homedir</emphasis> for info about possible values. In "
-"addition to those, the expansion below can only be used with "
-"<emphasis>subdomain_homedir</emphasis>. <placeholder type=\"variablelist\" "
-"id=\"0\"/>"
+#: sssd.conf.5.xml:1821
+#, fuzzy
+#| msgid ""
+#| "Use this homedir as default value for all subdomains within this domain. "
+#| "See <emphasis>override_homedir</emphasis> for info about possible values. "
+#| "In addition to those, the expansion below can only be used with "
+#| "<emphasis>subdomain_homedir</emphasis>. <placeholder type=\"variablelist"
+#| "\" id=\"0\"/>"
+msgid ""
+"Use this homedir as default value for all subdomains within this domain in "
+"IPA AD trust. See <emphasis>override_homedir</emphasis> for info about "
+"possible values. In addition to those, the expansion below can only be used "
+"with <emphasis>subdomain_homedir</emphasis>. <placeholder type="
+"\"variablelist\" id=\"0\"/>"
msgstr ""
"benutzt das Home-Verzeichnis als Standardwert für alle Subdomains innerhalb "
"dieser Domain. Informationen über mögliche Werte finden Sie unter "
@@ -2565,7 +2661,7 @@ msgstr ""
"<placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1772
+#: sssd.conf.5.xml:1835
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
@@ -2573,17 +2669,17 @@ msgstr ""
"überschrieben werden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1839
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr "Voreinstellung: <filename>/home/%d/%u</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1781
+#: sssd.conf.5.xml:1844
msgid "realmd_tags (string)"
msgstr "realmd_tags (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1784
+#: sssd.conf.5.xml:1847
msgid ""
"Various tags stored by the realmd configuration service for this domain."
msgstr ""
@@ -2591,7 +2687,7 @@ msgstr ""
"Kennzeichnungen"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:897
+#: sssd.conf.5.xml:937
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2603,17 +2699,17 @@ msgstr ""
"\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1797
+#: sssd.conf.5.xml:1860
msgid "proxy_pam_target (string)"
msgstr "proxy_pam_target (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1800
+#: sssd.conf.5.xml:1863
msgid "The proxy target PAM proxies to."
msgstr "das Proxy-Ziel, an das PAM weiterleitet"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1803
+#: sssd.conf.5.xml:1866
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
@@ -2623,12 +2719,12 @@ msgstr ""
"hinzufügen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1811
+#: sssd.conf.5.xml:1874
msgid "proxy_lib_name (string)"
msgstr "proxy_lib_name (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1814
+#: sssd.conf.5.xml:1877
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2639,7 +2735,7 @@ msgstr ""
"$(libName)_$(function)«, zum Beispiel »_nss_files_getpwent«."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1793
+#: sssd.conf.5.xml:1856
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
@@ -2648,13 +2744,13 @@ msgstr ""
"\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1826
+#: sssd.conf.5.xml:1889
msgid "The local domain section"
msgstr "Der Abschnitt lokale Domain"
# FIXME s/domain/domains/
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1828
+#: sssd.conf.5.xml:1891
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2665,29 +2761,29 @@ msgstr ""
"<replaceable>ID_Anbieter=lokal</replaceable> benutzt."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1835
+#: sssd.conf.5.xml:1898
msgid "default_shell (string)"
msgstr "default_shell (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1838
+#: sssd.conf.5.xml:1901
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
"die Standard-Shell für Anwender, die mit den SSSD-Werkzeugen für den "
"Benutzerbereich erstellt wurde."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1842
+#: sssd.conf.5.xml:1905
msgid "Default: <filename>/bin/bash</filename>"
msgstr "Voreinstellung: <filename>/bin/bash</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1847
+#: sssd.conf.5.xml:1910
msgid "base_directory (string)"
msgstr "base_directory (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1850
+#: sssd.conf.5.xml:1913
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
@@ -2696,17 +2792,17 @@ msgstr ""
"replaceable> und benutzen dies als Home-Verzeichnis."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1855
+#: sssd.conf.5.xml:1918
msgid "Default: <filename>/home</filename>"
msgstr "Voreinstellung: <filename>/home</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1860
+#: sssd.conf.5.xml:1923
msgid "create_homedir (bool)"
msgstr "create_homedir (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1863
+#: sssd.conf.5.xml:1926
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
@@ -2715,17 +2811,17 @@ msgstr ""
"werden soll; kann auf der Befehlszeile überschrieben werden"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1867 sssd.conf.5.xml:1879
+#: sssd.conf.5.xml:1930 sssd.conf.5.xml:1942
msgid "Default: TRUE"
msgstr "Voreinstellung: TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1872
+#: sssd.conf.5.xml:1935
msgid "remove_homedir (bool)"
msgstr "remove_homedir (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1875
+#: sssd.conf.5.xml:1938
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
@@ -2734,12 +2830,12 @@ msgstr ""
"entfernt werden soll; kann auf der Befehlszeile überschrieben werden"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1884
+#: sssd.conf.5.xml:1947
msgid "homedir_umask (integer)"
msgstr "homedir_umask (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1887
+#: sssd.conf.5.xml:1950
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2750,17 +2846,17 @@ msgstr ""
"Standardzugriffsrechte für ein neu erstelltes Home-Verzeichnis anzugeben."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1895
+#: sssd.conf.5.xml:1958
msgid "Default: 077"
msgstr "Voreinstellung: 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1900
+#: sssd.conf.5.xml:1963
msgid "skel_dir (string)"
msgstr "skel_dir (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1903
+#: sssd.conf.5.xml:1966
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2773,17 +2869,17 @@ msgstr ""
"<manvolnum>8</manvolnum> </citerefentry> erstellt wird"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1913
+#: sssd.conf.5.xml:1976
msgid "Default: <filename>/etc/skel</filename>"
msgstr "Voreinstellung: <filename>/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1918
+#: sssd.conf.5.xml:1981
msgid "mail_dir (string)"
msgstr "mail_dir (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1921
+#: sssd.conf.5.xml:1984
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2794,18 +2890,18 @@ msgstr ""
"wurde. Ist dies nicht angegeben wird ein Standardwert verwendet."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1928
+#: sssd.conf.5.xml:1991
msgid "Default: <filename>/var/mail</filename>"
msgstr "Voreinstellung: <filename>/var/mail</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1933
+#: sssd.conf.5.xml:1996
msgid "userdel_cmd (string)"
msgstr "userdel_cmd (Zeichenkette)"
# FIXME s/us/is/
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1936
+#: sssd.conf.5.xml:1999
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2817,18 +2913,18 @@ msgstr ""
"berücksichtigt."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1942
+#: sssd.conf.5.xml:2005
msgid "Default: None, no command is run"
msgstr "Voreinstellung: keine, es wird kein Befehl ausgeführt"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1952 sssd-ldap.5.xml:2399 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:759 sssd-ad.5.xml:293 sssd-krb5.5.xml:526
+#: sssd.conf.5.xml:2015 sssd-ldap.5.xml:2443 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:552 sssd-ad.5.xml:446 sssd-krb5.5.xml:519
msgid "EXAMPLE"
msgstr "BEISPIEL"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1958
+#: sssd.conf.5.xml:2021
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2882,7 +2978,7 @@ msgstr ""
"enumerate = False\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1954
+#: sssd.conf.5.xml:2017
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2899,6 +2995,11 @@ msgstr ""
msgid "sssd-ldap"
msgstr "sssd-ldap"
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-ldap.5.xml:17
+msgid "SSSD LDAP provider"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:23
msgid ""
@@ -2941,8 +3042,8 @@ msgstr ""
"unter »ldap_access_filter«."
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:83
-#: sssd-krb5.5.xml:63
+#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:88
+#: sssd-krb5.5.xml:63 sssd-ifp.5.xml:44
msgid "CONFIGURATION OPTIONS"
msgstr "KONFIGURATIONSOPTIONEN"
@@ -3054,8 +3155,8 @@ msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"."
msgstr ""
"Der Gültigkeitsbereich kann entweder »base«, »onelevel« oder »subtree« sein."
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:122
+#. type: Content of: <listitem><para>
+#: sssd-ldap.5.xml:122 include/ldap_search_bases.xml:18
msgid ""
"The filter must be a valid LDAP search filter as specified by http://www."
"ietf.org/rfc/rfc2254.txt"
@@ -3064,7 +3165,7 @@ msgstr ""
"rfc/rfc2254.txt spezifiziert, sein."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:126
+#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:645 sssd-ad.5.xml:212
msgid "Examples:"
msgstr "Beispiele:"
@@ -3294,7 +3395,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id."
msgstr "das LDAP-Attribut, das zu der Hauptgruppen-ID des Benutzers gehört"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:792
+#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:840
msgid "Default: gidNumber"
msgstr "Voreinstellung: gidNumber"
@@ -3359,7 +3460,7 @@ msgstr ""
"das LDAP-Attribut, das die UUID/GUID eines LDAP-Benutzerobjekts enthält"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004
+#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:866 sssd-ldap.5.xml:1073
msgid "Default: nsUniqueId"
msgstr "Voreinstellung: nsUniqueId"
@@ -3379,7 +3480,7 @@ msgstr ""
"Dies wird normalerweise nur für Active-Directory-Server benötigt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:832
+#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:880
msgid "Default: objectSid for ActiveDirectory, not set for other servers."
msgstr ""
"Voreinstellung: objectSid für Active Directory, für andere Server nicht "
@@ -3391,7 +3492,7 @@ msgid "ldap_user_modify_timestamp (string)"
msgstr "ldap_user_modify_timestamp (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013
+#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:890 sssd-ldap.5.xml:1082
msgid ""
"The LDAP attribute that contains timestamp of the last modification of the "
"parent object."
@@ -3400,7 +3501,7 @@ msgstr ""
"übergeordneten Objekt enthält"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020
+#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:894 sssd-ldap.5.xml:1089
msgid "Default: modifyTimestamp"
msgstr "Voreinstellung: modifyTimestamp"
@@ -3715,22 +3816,78 @@ msgstr "Voreinstellung: krbPrincipalName"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:620
+#, fuzzy
+#| msgid "ldap_user_search_base (string)"
+msgid "ldap_user_extra_attrs (string)"
+msgstr "ldap_user_search_base (Zeichenkette)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:623
+msgid ""
+"Comma-separated list of LDAP attributes that SSSD would fetch along with the "
+"usual set of user attributes."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:628
+msgid ""
+"The list can either contain LDAP attribute names only, or colon-separated "
+"tuples of SSSD cache attribute name and LDAP attribute name. In case only "
+"LDAP attribute name is specified, the attribute is saved to the cache "
+"verbatim. Using a custom SSSD attribute name might be required by "
+"environments that configure several SSSD domains with different LDAP schemas."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:638
+msgid ""
+"Please note that several attribute names are reserved by SSSD, notably the "
+"<quote>name</quote> attribute. SSSD would report an error if any of the "
+"reserved attribute names is used as an extra attribute name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:648
+msgid "ldap_user_extra_attrs = telephoneNumber"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:651
+msgid ""
+"Save the <quote>telephoneNumber</quote> attribute from LDAP as "
+"<quote>telephoneNumber</quote> to the cache."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:655
+msgid "ldap_user_extra_attrs = phone:telephoneNumber"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:658
+msgid ""
+"Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</"
+"quote> to the cache."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:668
msgid "ldap_user_ssh_public_key (string)"
msgstr "ldap_user_ssh_public_key (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:623
+#: sssd-ldap.5.xml:671
msgid "The LDAP attribute that contains the user's SSH public keys."
msgstr ""
"das LDAP-Attribut, das die öffentlichen SSH-Schlüssel des Benutzers enthält"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:630
+#: sssd-ldap.5.xml:678
msgid "ldap_force_upper_case_realm (boolean)"
msgstr "ldap_force_upper_case_realm (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:633
+#: sssd-ldap.5.xml:681
msgid ""
"Some directory servers, for example Active Directory, might deliver the "
"realm part of the UPN in lower case, which might cause the authentication to "
@@ -3743,12 +3900,12 @@ msgstr ""
"ungleich null, falls Sie einen Realm in Großbuchstaben wünschen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:646
+#: sssd-ldap.5.xml:694
msgid "ldap_enumeration_refresh_timeout (integer)"
msgstr "ldap_enumeration_refresh_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:649
+#: sssd-ldap.5.xml:697
msgid ""
"Specifies how many seconds SSSD has to wait before refreshing its cache of "
"enumerated records."
@@ -3757,12 +3914,12 @@ msgstr ""
"Zwischenspeicher aufgezählter Datensätze aktualisiert."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:660
+#: sssd-ldap.5.xml:708
msgid "ldap_purge_cache_timeout (integer)"
msgstr "ldap_purge_cache_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:663
+#: sssd-ldap.5.xml:711
msgid ""
"Determine how often to check the cache for inactive entries (such as groups "
"with no members and users who have never logged in) and remove them to save "
@@ -3773,58 +3930,57 @@ msgstr ""
"haben) und diese entfernt werden, um Platz zu sparen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:669
+#: sssd-ldap.5.xml:717
msgid "Setting this option to zero will disable the cache cleanup operation."
msgstr ""
"Wird diese Option auf null gesetzt, wird das Aufräumen des Zwischenspeichers "
"deaktiviert."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:673
+#: sssd-ldap.5.xml:721
msgid "Default: 10800 (12 hours)"
msgstr "Voreinstellung: 10800 (12 Stunden)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:679
+#: sssd-ldap.5.xml:727
msgid "ldap_user_fullname (string)"
msgstr "ldap_user_fullname (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:682
+#: sssd-ldap.5.xml:730
msgid "The LDAP attribute that corresponds to the user's full name."
msgstr "das LDAP-Attribut, das dem vollständigen Benutzernamen entspricht"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954
-#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1963 sssd-ldap.5.xml:2289
-#: sssd-ipa.5.xml:614
+#: sssd-ldap.5.xml:734 sssd-ldap.5.xml:827 sssd-ldap.5.xml:1023
+#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:2038 sssd-ldap.5.xml:2377
msgid "Default: cn"
msgstr "Voreinstellung: cn"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:692
+#: sssd-ldap.5.xml:740
msgid "ldap_user_member_of (string)"
msgstr "ldap_user_member_of (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:695
+#: sssd-ldap.5.xml:743
msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
"das LDAP-Attribut, das die Gruppenmitgliedschaften des Benutzers aufführt"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:518
+#: sssd-ldap.5.xml:747
msgid "Default: memberOf"
msgstr "Voreinstellung: memberOf"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:705
+#: sssd-ldap.5.xml:753
msgid "ldap_user_authorized_service (string)"
msgstr "ldap_user_authorized_service (Zeichenkette)"
# FIXME s/If/If using/
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:708
+#: sssd-ldap.5.xml:756
msgid ""
"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will "
"use the presence of the authorizedService attribute in the user's LDAP entry "
@@ -3835,7 +3991,7 @@ msgstr ""
"im LDAP-Eintrag den Benutzers nutzen, um die Zugriffsrechte zu bestimmen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:715
+#: sssd-ldap.5.xml:763
msgid ""
"An explicit deny (!svc) is resolved first. Second, SSSD searches for "
"explicit allow (svc) and finally for allow_all (*)."
@@ -3844,7 +4000,7 @@ msgstr ""
"SSSD eine explizite Erlaubnis (»svc«) und zuletzt nach »allow_all« (*)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:720
+#: sssd-ldap.5.xml:768
msgid ""
"Please note that the ldap_access_order configuration option <emphasis>must</"
"emphasis> include <quote>authorized_service</quote> in order for the "
@@ -3855,18 +4011,18 @@ msgstr ""
"»ldap_user_authorized_service« funktioniert."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:727
+#: sssd-ldap.5.xml:775
msgid "Default: authorizedService"
msgstr "Voreinstellung: authorizedService"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:733
+#: sssd-ldap.5.xml:781
msgid "ldap_user_authorized_host (string)"
msgstr "ldap_user_authorized_host (Zeichenkette)"
# FIXME s/If/If using/
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:736
+#: sssd-ldap.5.xml:784
msgid ""
"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
"presence of the host attribute in the user's LDAP entry to determine access "
@@ -3877,7 +4033,7 @@ msgstr ""
"verwenden, um die Zugriffsrechte zu bestimmen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:742
+#: sssd-ldap.5.xml:790
msgid ""
"An explicit deny (!host) is resolved first. Second, SSSD searches for "
"explicit allow (host) and finally for allow_all (*)."
@@ -3886,7 +4042,7 @@ msgstr ""
"SSSD eine explizite Erlaubnis (»host«) und zuletzt nach »allow_all« (*)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:747
+#: sssd-ldap.5.xml:795
msgid ""
"Please note that the ldap_access_order configuration option <emphasis>must</"
"emphasis> include <quote>host</quote> in order for the "
@@ -3897,78 +4053,78 @@ msgstr ""
"»ldap_user_authorized_host« funktioniert."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:754
+#: sssd-ldap.5.xml:802
msgid "Default: host"
msgstr "Voreinstellung: host"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:760
+#: sssd-ldap.5.xml:808
msgid "ldap_group_object_class (string)"
msgstr "ldap_group_object_class (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:763
+#: sssd-ldap.5.xml:811
msgid "The object class of a group entry in LDAP."
msgstr "die Objektklasse eines Gruppeneintrags in LDAP"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:766
+#: sssd-ldap.5.xml:814
msgid "Default: posixGroup"
msgstr "Voreinstellung: posixGroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:772
+#: sssd-ldap.5.xml:820
msgid "ldap_group_name (string)"
msgstr "ldap_group_name (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:775
+#: sssd-ldap.5.xml:823
msgid "The LDAP attribute that corresponds to the group name."
msgstr "das LDAP-Attribut, das dem Gruppennamen entspricht"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:785
+#: sssd-ldap.5.xml:833
msgid "ldap_group_gid_number (string)"
msgstr "ldap_group_gid_number (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:788
+#: sssd-ldap.5.xml:836
msgid "The LDAP attribute that corresponds to the group's id."
msgstr "das LDAP-Attribut, das der Gruppen-ID entspricht"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:798
+#: sssd-ldap.5.xml:846
msgid "ldap_group_member (string)"
msgstr "ldap_group_member (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:801
+#: sssd-ldap.5.xml:849
msgid "The LDAP attribute that contains the names of the group's members."
msgstr "das LDAP-Attribut, das die Namen der Gruppenmitglieder enthält"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:805
+#: sssd-ldap.5.xml:853
msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
msgstr "Voreinstellung: memberuid (rfc2307) / member (rfc2307bis)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:811
+#: sssd-ldap.5.xml:859
msgid "ldap_group_uuid (string)"
msgstr "ldap_group_uuid (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:814
+#: sssd-ldap.5.xml:862
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
msgstr "das LDAP-Attribut, das die UUID/GUID eines LDAP-Gruppenobjekts enthält"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:824
+#: sssd-ldap.5.xml:872
msgid "ldap_group_objectsid (string)"
msgstr "ldap_group_objectsid (Zeichenkette)"
# FIXME s/ActiveDirectory/Active Directory/
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:827
+#: sssd-ldap.5.xml:875
msgid ""
"The LDAP attribute that contains the objectSID of an LDAP group object. This "
"is usually only necessary for ActiveDirectory servers."
@@ -3977,17 +4133,46 @@ msgstr ""
"wird normalerweise nur für Active-Directory-Server benötigt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:839
+#: sssd-ldap.5.xml:887
msgid "ldap_group_modify_timestamp (string)"
msgstr "ldap_group_modify_timestamp (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:852
+#: sssd-ldap.5.xml:900
+#, fuzzy
+#| msgid "ldap_opt_timeout (integer)"
+msgid "ldap_group_type (integer)"
+msgstr "ldap_opt_timeout (Ganzzahl)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:903
+#, fuzzy
+#| msgid "The LDAP attribute that contains the names of the group's members."
+msgid ""
+"The LDAP attribute that contains an integer value indicating the type of the "
+"group and maybe other flags."
+msgstr "das LDAP-Attribut, das die Namen der Gruppenmitglieder enthält"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:908
+msgid ""
+"This attribute is currently only used by the AD provider to determine if a "
+"group is a domain local groups and has to be filtered out for trusted "
+"domains."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:914
+msgid "Default: groupType in the AD provider, othewise not set"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:921
msgid "ldap_group_nesting_level (integer)"
msgstr "ldap_group_nesting_level (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:855
+#: sssd-ldap.5.xml:924
msgid ""
"If ldap_schema is set to a schema format that supports nested groups (e.g. "
"RFC2307bis), then this option controls how many levels of nesting SSSD will "
@@ -3999,17 +4184,17 @@ msgstr ""
"das Schema RFC2307."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:862
+#: sssd-ldap.5.xml:931
msgid "Default: 2"
msgstr "Voreinstellung: 2"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:868
+#: sssd-ldap.5.xml:937
msgid "ldap_groups_use_matching_rule_in_chain"
msgstr "ldap_groups_use_matching_rule_in_chain"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:871
+#: sssd-ldap.5.xml:940
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which may speed up group lookup operations on deployments with "
@@ -4021,7 +4206,7 @@ msgstr ""
"beschleunigen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:877
+#: sssd-ldap.5.xml:946
msgid ""
"In most common cases, it is best to leave this option disabled. It generally "
"only provides a performance increase on very complex nestings."
@@ -4031,7 +4216,7 @@ msgstr ""
"Leistungssteigerung."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909
+#: sssd-ldap.5.xml:951 sssd-ldap.5.xml:978
msgid ""
"If this option is enabled, SSSD will use it if it detects that the server "
"supports it during initial connection. So \"True\" here essentially means "
@@ -4042,7 +4227,7 @@ msgstr ""
"»True« eigentlich »auto-detect«."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915
+#: sssd-ldap.5.xml:957 sssd-ldap.5.xml:984
msgid ""
"Note: This feature is currently known to work only with Active Directory "
"2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/"
@@ -4055,18 +4240,18 @@ msgstr ""
"aa746475%28v=vs.85%29.aspx\"> MSDN™-Dokumentation</ulink>."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212
-#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1734 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:990 sssd-ldap.5.xml:1281
+#: sssd-ldap.5.xml:1302 sssd-ldap.5.xml:1808 include/ldap_id_mapping.xml:242
msgid "Default: False"
msgstr "Voreinstellung: False"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:900
+#: sssd-ldap.5.xml:969
msgid "ldap_initgroups_use_matching_rule_in_chain"
msgstr "ldap_initgroups_use_matching_rule_in_chain"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:903
+#: sssd-ldap.5.xml:972
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which might speed up initgroups operations (most notably when "
@@ -4078,71 +4263,71 @@ msgstr ""
"verschachtelten Gruppen)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:927
+#: sssd-ldap.5.xml:996
msgid "ldap_netgroup_object_class (string)"
msgstr "ldap_netgroup_object_class (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:930
+#: sssd-ldap.5.xml:999
msgid "The object class of a netgroup entry in LDAP."
msgstr "die Objektklasse eines Netzgruppeneintrags in LDAP"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:933
+#: sssd-ldap.5.xml:1002
msgid "In IPA provider, ipa_netgroup_object_class should be used instead."
msgstr ""
"Beim IPA-Anbieter sollte stattdessen »ipa_netgroup_object_class« benutzt "
"werden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:937
+#: sssd-ldap.5.xml:1006
msgid "Default: nisNetgroup"
msgstr "Voreinstellung: nisNetgroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:943
+#: sssd-ldap.5.xml:1012
msgid "ldap_netgroup_name (string)"
msgstr "ldap_netgroup_name (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:946
+#: sssd-ldap.5.xml:1015
msgid "The LDAP attribute that corresponds to the netgroup name."
msgstr "das LDAP-Attribut, das dem Netzgruppennamen entspricht"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:950
+#: sssd-ldap.5.xml:1019
msgid "In IPA provider, ipa_netgroup_name should be used instead."
msgstr ""
"Beim IPA-Anbieter sollte stattdessen »ipa_netgroup_name« benutzt werden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:960
+#: sssd-ldap.5.xml:1029
msgid "ldap_netgroup_member (string)"
msgstr "ldap_netgroup_member (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:963
+#: sssd-ldap.5.xml:1032
msgid "The LDAP attribute that contains the names of the netgroup's members."
msgstr "das LDAP-Attribut, das die Namen der Netzgruppenmitglieder enthält"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:967
+#: sssd-ldap.5.xml:1036
msgid "In IPA provider, ipa_netgroup_member should be used instead."
msgstr ""
"Beim IPA-Anbieter sollte stattdessen »ipa_netgroup_member« benutzt werden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:971
+#: sssd-ldap.5.xml:1040
msgid "Default: memberNisNetgroup"
msgstr "Voreinstellung: memberNisNetgroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:977
+#: sssd-ldap.5.xml:1046
msgid "ldap_netgroup_triple (string)"
msgstr "ldap_netgroup_triple (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:980
+#: sssd-ldap.5.xml:1049
msgid ""
"The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
@@ -4150,61 +4335,61 @@ msgstr ""
"enthält"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017
+#: sssd-ldap.5.xml:1053 sssd-ldap.5.xml:1086
msgid "This option is not available in IPA provider."
msgstr "Diese Option ist für IPA-Anbieter nicht verfügbar."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:987
+#: sssd-ldap.5.xml:1056
msgid "Default: nisNetgroupTriple"
msgstr "Voreinstellung: nisNetgroupTriple"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:993
+#: sssd-ldap.5.xml:1062
msgid "ldap_netgroup_uuid (string)"
msgstr "ldap_netgroup_uuid (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:996
+#: sssd-ldap.5.xml:1065
msgid ""
"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
msgstr ""
"das LDAP-Attribut, das die UUID/GUID eines LDAP-Netzgruppenobjekts enthält"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1000
+#: sssd-ldap.5.xml:1069
msgid "In IPA provider, ipa_netgroup_uuid should be used instead."
msgstr ""
"Beim IPA-Anbieter sollte stattdessen »ipa_netgroup_member« benutzt werden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1010
+#: sssd-ldap.5.xml:1079
msgid "ldap_netgroup_modify_timestamp (string)"
msgstr "ldap_netgroup_modify_timestamp (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1026
+#: sssd-ldap.5.xml:1095
msgid "ldap_service_object_class (string)"
msgstr "ldap_service_object_class (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1029
+#: sssd-ldap.5.xml:1098
msgid "The object class of a service entry in LDAP."
msgstr "die Objektklasse eines Diensteintrags in LDAP"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1032
+#: sssd-ldap.5.xml:1101
msgid "Default: ipService"
msgstr "Voreinstellung: ipService"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1038
+#: sssd-ldap.5.xml:1107
msgid "ldap_service_name (string)"
msgstr "ldap_service_name (Zeichenkette)"
# FIXME s/name/names/
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1041
+#: sssd-ldap.5.xml:1110
msgid ""
"The LDAP attribute that contains the name of service attributes and their "
"aliases."
@@ -4212,49 +4397,49 @@ msgstr ""
"das LDAP-Attribut, das die Namen von Dienstattributen und ihre Alias enthält"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1051
+#: sssd-ldap.5.xml:1120
msgid "ldap_service_port (string)"
msgstr "ldap_service_port (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1054
+#: sssd-ldap.5.xml:1123
msgid "The LDAP attribute that contains the port managed by this service."
msgstr "das LDAP-Attribut, das den von diesem Dienst verwalteten Port enthält"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1058
+#: sssd-ldap.5.xml:1127
msgid "Default: ipServicePort"
msgstr "Voreinstellung: ipServicePort"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1064
+#: sssd-ldap.5.xml:1133
msgid "ldap_service_proto (string)"
msgstr "ldap_service_proto (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1067
+#: sssd-ldap.5.xml:1136
msgid ""
"The LDAP attribute that contains the protocols understood by this service."
msgstr ""
"das LDAP-Attribut, das die von diesem Dienst verstandenen Protokolle enthält"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1071
+#: sssd-ldap.5.xml:1140
msgid "Default: ipServiceProtocol"
msgstr "Voreinstellung: ipServiceProtocol"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1077
+#: sssd-ldap.5.xml:1146
msgid "ldap_service_search_base (string)"
msgstr "ldap_service_search_base (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1082
+#: sssd-ldap.5.xml:1151
msgid "ldap_search_timeout (integer)"
msgstr "ldap_search_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1085
+#: sssd-ldap.5.xml:1154
msgid ""
"Specifies the timeout (in seconds) that ldap searches are allowed to run "
"before they are cancelled and cached results are returned (and offline mode "
@@ -4265,7 +4450,7 @@ msgstr ""
"Ergebnisse zurückgegeben werden (und in den Offline-Modus gegangen wird)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1091
+#: sssd-ldap.5.xml:1160
msgid ""
"Note: this option is subject to change in future versions of the SSSD. It "
"will likely be replaced at some point by a series of timeouts for specific "
@@ -4276,12 +4461,12 @@ msgstr ""
"Zeitüberschreitungspunkten für spezielle Nachschlagetypen ersetzt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1103
+#: sssd-ldap.5.xml:1172
msgid "ldap_enumeration_search_timeout (integer)"
msgstr "ldap_enumeration_search_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1106
+#: sssd-ldap.5.xml:1175
msgid ""
"Specifies the timeout (in seconds) that ldap searches for user and group "
"enumerations are allowed to run before they are cancelled and cached results "
@@ -4293,12 +4478,12 @@ msgstr ""
"(und in den Offline-Modus gegangen wird)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1119
+#: sssd-ldap.5.xml:1188
msgid "ldap_network_timeout (integer)"
msgstr "ldap_network_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1122
+#: sssd-ldap.5.xml:1191
msgid ""
"Specifies the timeout (in seconds) after which the <citerefentry> "
"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
@@ -4315,13 +4500,13 @@ msgstr ""
"citerefentry> zurückkehrt, falls keine Aktivität stattfindet."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1145
+#: sssd-ldap.5.xml:1214
msgid "ldap_opt_timeout (integer)"
msgstr "ldap_opt_timeout (Ganzzahl)"
# KDC = Key Distribution Center (Schlüsselverwaltungszentrale)
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1148
+#: sssd-ldap.5.xml:1217
msgid ""
"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
"will abort if no response is received. Also controls the timeout when "
@@ -4333,12 +4518,12 @@ msgstr ""
"SASL-Bind mit der Schlüsselverwaltungszentrale (KDC) kommuniziert wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1160
+#: sssd-ldap.5.xml:1229
msgid "ldap_connection_expire_timeout (integer)"
msgstr "ldap_connection_expire_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1163
+#: sssd-ldap.5.xml:1232
msgid ""
"Specifies a timeout (in seconds) that a connection to an LDAP server will be "
"maintained. After this time, the connection will be re-established. If used "
@@ -4352,17 +4537,17 @@ msgstr ""
"Lebensdauer) verwendet."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2120
+#: sssd-ldap.5.xml:1240 sssd-ldap.5.xml:2195
msgid "Default: 900 (15 minutes)"
msgstr "Voreinstellung: 900 (15 Minuten)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1177
+#: sssd-ldap.5.xml:1246
msgid "ldap_page_size (integer)"
msgstr "ldap_page_size (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1180
+#: sssd-ldap.5.xml:1249
msgid ""
"Specify the number of records to retrieve from LDAP in a single request. "
"Some LDAP servers enforce a maximum limit per-request."
@@ -4372,17 +4557,17 @@ msgstr ""
"pro Anfrage."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1185
+#: sssd-ldap.5.xml:1254
msgid "Default: 1000"
msgstr "Voreinstellung: 1000"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1191
+#: sssd-ldap.5.xml:1260
msgid "ldap_disable_paging (boolean)"
msgstr "ldap_disable_paging (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1194
+#: sssd-ldap.5.xml:1263
msgid ""
"Disable the LDAP paging control. This option should be used if the LDAP "
"server reports that it supports the LDAP paging control in its RootDSE but "
@@ -4394,7 +4579,7 @@ msgstr ""
"deaktiviert ist oder sich nicht ordnungsgemäß verhält."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1200
+#: sssd-ldap.5.xml:1269
msgid ""
"Example: OpenLDAP servers with the paging control module installed on the "
"server but not enabled will report it in the RootDSE but be unable to use it."
@@ -4404,7 +4589,7 @@ msgstr ""
"aber nicht in der Lage, es zu benutzen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1206
+#: sssd-ldap.5.xml:1275
msgid ""
"Example: 389 DS has a bug where it can only support a one paging control at "
"a time on a single connection. On busy clients, this can result in some "
@@ -4416,17 +4601,17 @@ msgstr ""
"abgelehnt werden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1218
+#: sssd-ldap.5.xml:1287
msgid "ldap_disable_range_retrieval (boolean)"
msgstr "ldap_disable_range_retrieval (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1221
+#: sssd-ldap.5.xml:1290
msgid "Disable Active Directory range retrieval."
msgstr "deaktiviert die Bereichsabfrage von Active Directory"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1224
+#: sssd-ldap.5.xml:1293
msgid ""
"Active Directory limits the number of members to be retrieved in a single "
"lookup using the MaxValRange policy (which defaults to 1500 members). If a "
@@ -4442,12 +4627,12 @@ msgstr ""
"es so aussehen, als ob große Gruppen keine Mitglieder hätten."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1239
+#: sssd-ldap.5.xml:1308
msgid "ldap_sasl_minssf (integer)"
msgstr "ldap_sasl_minssf (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1242
+#: sssd-ldap.5.xml:1311
msgid ""
"When communicating with an LDAP server using SASL, specify the minimum "
"security level necessary to establish the connection. The values of this "
@@ -4458,19 +4643,19 @@ msgstr ""
"Werte dieser Option werden durch OpenLDAP definiert."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1248
+#: sssd-ldap.5.xml:1317
msgid "Default: Use the system default (usually specified by ldap.conf)"
msgstr ""
"Voreinstellung: verwendet die Voreinstellungen des System (normalerweise in "
"»ldap.conf« angegeben)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1255
+#: sssd-ldap.5.xml:1324
msgid "ldap_deref_threshold (integer)"
msgstr "ldap_deref_threshold (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1258
+#: sssd-ldap.5.xml:1327
msgid ""
"Specify the number of group members that must be missing from the internal "
"cache in order to trigger a dereference lookup. If less members are missing, "
@@ -4482,7 +4667,7 @@ msgstr ""
"nachgeschlagen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1264
+#: sssd-ldap.5.xml:1333
msgid ""
"You can turn off dereference lookups completely by setting the value to 0."
msgstr ""
@@ -4490,7 +4675,7 @@ msgstr ""
"den Wert auf 0 setzen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1268
+#: sssd-ldap.5.xml:1337
msgid ""
"A dereference lookup is a means of fetching all group members in a single "
"LDAP call. Different LDAP servers may implement different dereference "
@@ -4503,7 +4688,7 @@ msgstr ""
"unterstützten Server sind 389/RHDS, OpenLDAP und Active Directory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1276
+#: sssd-ldap.5.xml:1345
msgid ""
"<emphasis>Note:</emphasis> If any of the search bases specifies a search "
"filter, then the dereference lookup performance enhancement will be disabled "
@@ -4514,12 +4699,12 @@ msgstr ""
"Nachschlagen ohne Rücksicht auf die Einstellung deaktiviert."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1289
+#: sssd-ldap.5.xml:1358
msgid "ldap_tls_reqcert (string)"
msgstr "ldap_tls_reqcert (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1292
+#: sssd-ldap.5.xml:1361
msgid ""
"Specifies what checks to perform on server certificates in a TLS session, if "
"any. It can be specified as one of the following values:"
@@ -4529,7 +4714,7 @@ msgstr ""
"Werte angegeben werden:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1298
+#: sssd-ldap.5.xml:1367
msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
@@ -4538,7 +4723,7 @@ msgstr ""
"oder anfordern."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1302
+#: sssd-ldap.5.xml:1371
msgid ""
"<emphasis>allow</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -4550,7 +4735,7 @@ msgstr ""
"Sitzung fährt normal fort."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1309
+#: sssd-ldap.5.xml:1378
msgid ""
"<emphasis>try</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -4561,7 +4746,7 @@ msgstr ""
"ungültiges Zertifikat bereitgestellt wird, wird die Sitzung sofort beendet."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1315
+#: sssd-ldap.5.xml:1384
msgid ""
"<emphasis>demand</emphasis> = The server certificate is requested. If no "
"certificate is provided, or a bad certificate is provided, the session is "
@@ -4572,22 +4757,22 @@ msgstr ""
"sofort beendet."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1321
+#: sssd-ldap.5.xml:1390
msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
msgstr "<emphasis>hard</emphasis> = entspricht »demand«"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1325
+#: sssd-ldap.5.xml:1394
msgid "Default: hard"
msgstr "Voreinstellung: hard"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1331
+#: sssd-ldap.5.xml:1400
msgid "ldap_tls_cacert (string)"
msgstr "ldap_tls_cacert (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1334
+#: sssd-ldap.5.xml:1403
msgid ""
"Specifies the file that contains certificates for all of the Certificate "
"Authorities that <command>sssd</command> will recognize."
@@ -4596,7 +4781,7 @@ msgstr ""
"die <command>sssd</command> erkennen wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398
+#: sssd-ldap.5.xml:1408 sssd-ldap.5.xml:1426 sssd-ldap.5.xml:1467
msgid ""
"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
"conf</filename>"
@@ -4605,12 +4790,12 @@ msgstr ""
"<filename>/etc/openldap/ldap.conf</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1346
+#: sssd-ldap.5.xml:1415
msgid "ldap_tls_cacertdir (string)"
msgstr "ldap_tls_cacertdir (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1349
+#: sssd-ldap.5.xml:1418
msgid ""
"Specifies the path of a directory that contains Certificate Authority "
"certificates in separate individual files. Typically the file names need to "
@@ -4624,33 +4809,33 @@ msgstr ""
"Erstellen der korrekten Namen verwendet werden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1364
+#: sssd-ldap.5.xml:1433
msgid "ldap_tls_cert (string)"
msgstr "ldap_tls_cert (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1367
+#: sssd-ldap.5.xml:1436
msgid "Specifies the file that contains the certificate for the client's key."
msgstr ""
"gibt die Datei an, die das Zertifikat für den Schlüssel des Clients enthält."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1377
+#: sssd-ldap.5.xml:1446
msgid "ldap_tls_key (string)"
msgstr "ldap_tls_key (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1380
+#: sssd-ldap.5.xml:1449
msgid "Specifies the file that contains the client's key."
msgstr "gibt die Datei an, die den Schlüssel des Clients enthält."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1389
+#: sssd-ldap.5.xml:1458
msgid "ldap_tls_cipher_suite (string)"
msgstr "ldap_tls_cipher_suite (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1392
+#: sssd-ldap.5.xml:1461
msgid ""
"Specifies acceptable cipher suites. Typically this is a colon sperated "
"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
@@ -4662,12 +4847,12 @@ msgstr ""
"manvolnum></citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1405
+#: sssd-ldap.5.xml:1474
msgid "ldap_id_use_start_tls (boolean)"
msgstr "ldap_id_use_start_tls (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1408
+#: sssd-ldap.5.xml:1477
msgid ""
"Specifies that the id_provider connection must also use <systemitem class="
"\"protocol\">tls</systemitem> to protect the channel."
@@ -4676,12 +4861,12 @@ msgstr ""
"\">tls</systemitem> benutzen muss, um den Kanal abzusichern."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1418
+#: sssd-ldap.5.xml:1487
msgid "ldap_id_mapping (boolean)"
msgstr "ldap_id_mapping (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1421
+#: sssd-ldap.5.xml:1490
msgid ""
"Specifies that SSSD should attempt to map user and group IDs from the "
"ldap_user_objectsid and ldap_group_objectsid attributes instead of relying "
@@ -4693,7 +4878,7 @@ msgstr ""
"verlassen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1427
+#: sssd-ldap.5.xml:1496
msgid "Currently this feature supports only ActiveDirectory objectSID mapping."
msgstr ""
"Derzeit unterstützt diese Funktionalität nur das Abbilden von Active-"
@@ -4701,12 +4886,12 @@ msgstr ""
# FIXME s/interger/integer/
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1437
+#: sssd-ldap.5.xml:1506
msgid "ldap_min_id, ldap_max_id (interger)"
msgstr "ldap_min_id, ldap_max_id (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1440
+#: sssd-ldap.5.xml:1509
msgid ""
"In contrast to the SID based ID mapping which is used if ldap_id_mapping is "
"set to true the allowed ID range for ldap_user_uid_number and "
@@ -4725,17 +4910,17 @@ msgstr ""
"Abbildung von IDs wählen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1452
+#: sssd-ldap.5.xml:1521
msgid "Default: not set (both options are set to 0)"
msgstr "Voreinstellung: nicht gesetzt (beide Optionen sind auf 0 gesetzt)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1458
+#: sssd-ldap.5.xml:1527
msgid "ldap_sasl_mech (string)"
msgstr "ldap_sasl_mech (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1461
+#: sssd-ldap.5.xml:1530
msgid ""
"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
"supported."
@@ -4744,12 +4929,12 @@ msgstr ""
"GSSAPI getestet und wird unterstützt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1471
+#: sssd-ldap.5.xml:1540
msgid "ldap_sasl_authid (string)"
msgstr "ldap_sasl_authid (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1474
+#: sssd-ldap.5.xml:1543
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
"represents the Kerberos principal used for authentication to the directory. "
@@ -4764,17 +4949,17 @@ msgstr ""
"enthalten."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1482
+#: sssd-ldap.5.xml:1551
msgid "Default: host/hostname@REALM"
msgstr "Voreinstellung Rechner/MeinRechner@BEREICH"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1488
+#: sssd-ldap.5.xml:1557
msgid "ldap_sasl_realm (string)"
msgstr "ldap_sasl_realm (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1491
+#: sssd-ldap.5.xml:1560
msgid ""
"Specify the SASL realm to use. When not specified, this option defaults to "
"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
@@ -4785,17 +4970,17 @@ msgstr ""
"»ldap_sasl_authid« ebenfalls den Realm enthält, wird diese Option ignoriert."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1497
+#: sssd-ldap.5.xml:1566
msgid "Default: the value of krb5_realm."
msgstr "Voreinstellung: der Wert von »krb5_realm«"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1503
+#: sssd-ldap.5.xml:1572
msgid "ldap_sasl_canonicalize (boolean)"
msgstr "ldap_sasl_canonicalize (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1506
+#: sssd-ldap.5.xml:1575
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
@@ -4805,34 +4990,34 @@ msgstr ""
"Bind in eine kanonische Form zu bringen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1511
+#: sssd-ldap.5.xml:1580
msgid "Default: false;"
msgstr "Voreinstellung: false;"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1517
+#: sssd-ldap.5.xml:1586
msgid "ldap_krb5_keytab (string)"
msgstr "ldap_krb5_keytab (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1520
+#: sssd-ldap.5.xml:1589
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr "gibt die Keytab an, wenn SASL/GSSAPI benutzt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1523
+#: sssd-ldap.5.xml:1592
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
"Voreinstellung: Keytab des Systems, normalerweise <filename>/etc/krb5."
"keytab</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1529
+#: sssd-ldap.5.xml:1598
msgid "ldap_krb5_init_creds (boolean)"
msgstr "ldap_krb5_init_creds (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1532
+#: sssd-ldap.5.xml:1601
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -4843,28 +5028,28 @@ msgstr ""
"ausgewählte Mechnaismus GSSAPI ist."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1544
+#: sssd-ldap.5.xml:1613
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr "ldap_krb5_ticket_lifetime (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1547
+#: sssd-ldap.5.xml:1616
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
"gibt die Lebensdauer eines TGT in Sekunden an, falls GSSAPI benutzt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1551 sssd-ad.5.xml:230
+#: sssd-ldap.5.xml:1620 sssd-ad.5.xml:383
msgid "Default: 86400 (24 hours)"
msgstr "Voreinstellung: 86400 (24 Stunden)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1557 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1626 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr "krb5_server, krb5_backup_server (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1560
+#: sssd-ldap.5.xml:1629
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -4883,7 +5068,7 @@ msgstr ""
"Weitere Informationen finden Sie im Abschnitt »DIENSTSUCHE«."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1572 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1641 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -4894,7 +5079,7 @@ msgstr ""
"Protokoll angeben. Falls keine gefunden werden, weicht es auf _tcp aus."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1577 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1646 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -4906,29 +5091,29 @@ msgstr ""
"migrieren."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1586 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1655 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr "krb5_realm (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1589
+#: sssd-ldap.5.xml:1658
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr "gibt den Kerberos-REALM an (für SASL/GSSAPI-Authentifizierung)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1592
+#: sssd-ldap.5.xml:1661
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
"Voreinstellung: Systemvoreinstellungen, siehe <filename>/etc/krb5.conf</"
"filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1598 sssd-ipa.5.xml:386 sssd-krb5.5.xml:460
+#: sssd-ldap.5.xml:1667 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453
msgid "krb5_canonicalize (boolean)"
msgstr "krb5_canonicalize (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1601
+#: sssd-ldap.5.xml:1670
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
@@ -4938,12 +5123,12 @@ msgstr ""
"Kerberos >= 1.7 verfügbar."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1613 sssd-krb5.5.xml:475
+#: sssd-ldap.5.xml:1682 sssd-krb5.5.xml:468
msgid "krb5_use_kdcinfo (boolean)"
msgstr "krb5_use_kdcinfo (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:478
+#: sssd-ldap.5.xml:1685 sssd-krb5.5.xml:471
msgid ""
"Specifies if the SSSD should instruct the Kerberos libraries what realm and "
"which KDCs to use. This option is on by default, if you disable it, you need "
@@ -4959,7 +5144,7 @@ msgstr ""
"manvolnum> </citerefentry> einrichten."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1627 sssd-krb5.5.xml:489
+#: sssd-ldap.5.xml:1696 sssd-krb5.5.xml:482
msgid ""
"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
@@ -4970,12 +5155,12 @@ msgstr ""
"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1710
msgid "ldap_pwd_policy (string)"
msgstr "ldap_pwd_policy (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1644
+#: sssd-ldap.5.xml:1713
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
@@ -4984,7 +5169,7 @@ msgstr ""
"Passworts abgeschätzt werden soll. Die folgenden Werte sind erlaubt:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1649
+#: sssd-ldap.5.xml:1718
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
@@ -4993,7 +5178,7 @@ msgstr ""
"kann keine Server-seitigen Passwortregelwerke deaktivieren."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1654
+#: sssd-ldap.5.xml:1723
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -5004,7 +5189,7 @@ msgstr ""
"manvolnum></citerefentry>, um abzuschätzen, ob das Passwort erloschen ist."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1660
+#: sssd-ldap.5.xml:1729
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -5015,18 +5200,25 @@ msgstr ""
"»chpass_provider=krb5«, um diese Attribute zu aktualisieren, wenn das "
"Passwort geändert wurde."
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1738
+msgid ""
+"<emphasis>Note</emphasis>: if a password policy is configured on server "
+"side, it always takes precedence over policy set with this option."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1672
+#: sssd-ldap.5.xml:1746
msgid "ldap_referrals (boolean)"
msgstr "ldap_referrals (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1675
+#: sssd-ldap.5.xml:1749
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr "gibt an, ob automatische Verweisverfolgung aktiviert werden soll."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1679
+#: sssd-ldap.5.xml:1753
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
@@ -5035,7 +5227,7 @@ msgstr ""
"mit OpenLDAP Version 2.4.13 oder höher kompiliert wurde."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1684
+#: sssd-ldap.5.xml:1758
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -5049,28 +5241,28 @@ msgstr ""
"merkliche Leistungsverbesserung bringen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1698
+#: sssd-ldap.5.xml:1772
msgid "ldap_dns_service_name (string)"
msgstr "ldap_dns_service_name (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1701
+#: sssd-ldap.5.xml:1775
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
"gibt an, welcher Dienstname bei aktivierter Dienstsuche benutzt werden soll."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1705
+#: sssd-ldap.5.xml:1779
msgid "Default: ldap"
msgstr "Voreinstellung: ldap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1711
+#: sssd-ldap.5.xml:1785
msgid "ldap_chpass_dns_service_name (string)"
msgstr "ldap_chpass_dns_service_name (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1788
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
@@ -5079,17 +5271,17 @@ msgstr ""
"soll, der Passwortänderungen bei aktivierter Dienstsuche ermöglicht."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1719
+#: sssd-ldap.5.xml:1793
msgid "Default: not set, i.e. service discovery is disabled"
msgstr "Voreinstellung: nicht gesetzt, d.h. Dienstsuche ist deaktiviert"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1725
+#: sssd-ldap.5.xml:1799
msgid "ldap_chpass_update_last_change (bool)"
msgstr "ldap_chpass_update_last_change (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1728
+#: sssd-ldap.5.xml:1802
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
@@ -5098,19 +5290,28 @@ msgstr ""
"Passwortänderung mit Unix-Zeit geändert wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1740
+#: sssd-ldap.5.xml:1814
msgid "ldap_access_filter (string)"
msgstr "ldap_access_filter (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1743
+#: sssd-ldap.5.xml:1817
+#, fuzzy
+#| msgid ""
+#| "If using access_provider = ldap and ldap_access_order = filter (default), "
+#| "this option is mandatory. It specifies an LDAP search filter criteria "
+#| "that must be met for the user to be granted access on this host. If "
+#| "access_provider = ldap, ldap_access_order = filter and this option is not "
+#| "set, it will result in all users being denied access. Use "
+#| "access_provider = permit to change this default behavior."
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
"must be met for the user to be granted access on this host. If "
"access_provider = ldap, ldap_access_order = filter and this option is not "
"set, it will result in all users being denied access. Use access_provider = "
-"permit to change this default behavior."
+"permit to change this default behavior. Please note that this filter is "
+"applied on the LDAP user entry only."
msgstr ""
"Falls »access_provider = ldap« und »ldap_access_order = filter« benutzt wird "
"(Voreinstellung), ist diese Option zwingend notwendig. Sie gibt das LDAP-"
@@ -5121,16 +5322,20 @@ msgstr ""
"»access_provider = permit«, um dieses Standardverhalten zu ändern."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1755 sssd-ldap.5.xml:2349
+#: sssd-ldap.5.xml:1830
msgid "Example:"
msgstr "Beispiel:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1758
-#, no-wrap
+#: sssd-ldap.5.xml:1833
+#, fuzzy, no-wrap
+#| msgid ""
+#| "access_provider = ldap\n"
+#| "ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n"
+#| " "
msgid ""
"access_provider = ldap\n"
-"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n"
+"ldap_access_filter = (employeeType=admin)\n"
" "
msgstr ""
"access_provider = ldap\n"
@@ -5138,16 +5343,20 @@ msgstr ""
" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1762
+#: sssd-ldap.5.xml:1837
+#, fuzzy
+#| msgid ""
+#| "This example means that access to this host is restricted to members of "
+#| "the \"allowedusers\" group in ldap."
msgid ""
-"This example means that access to this host is restricted to members of the "
-"\"allowedusers\" group in ldap."
+"This example means that access to this host is restricted to users whose "
+"employeeType attribute is set to \"admin\"."
msgstr ""
"Dieses Beispiel bedeutet, dass der Zugriff auf diesen Rechner auf Mitglieder "
"der Gruppe »allowedusers« in LDAP begrenzt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1767
+#: sssd-ldap.5.xml:1842
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -5159,17 +5368,17 @@ msgstr ""
"Falls ja, wird weiterhin offline Zugriff gegeben und umgekehrt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1775 sssd-ldap.5.xml:1832
+#: sssd-ldap.5.xml:1850 sssd-ldap.5.xml:1907
msgid "Default: Empty"
msgstr "Voreinstellung: leer"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1781
+#: sssd-ldap.5.xml:1856
msgid "ldap_account_expire_policy (string)"
msgstr "ldap_account_expire_policy (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1784
+#: sssd-ldap.5.xml:1859
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
@@ -5178,7 +5387,7 @@ msgstr ""
"Zugriffssteuerungsattribute aktiviert werden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1788
+#: sssd-ldap.5.xml:1863
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -5189,12 +5398,12 @@ msgstr ""
"einem geeigneten Fehlercode zurückweisen, wenn das Passwort korrekt ist."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1795
+#: sssd-ldap.5.xml:1870
msgid "The following values are allowed:"
msgstr "Die folgenden Werte sind erlaubt:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1798
+#: sssd-ldap.5.xml:1873
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
@@ -5203,7 +5412,7 @@ msgstr ""
"»ldap_user_shadow_expire«, um zu bestimmen, ob das Konto abgelaufen ist."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1803
+#: sssd-ldap.5.xml:1878
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -5216,7 +5425,7 @@ msgstr ""
"gewährt. Außerdem wird die Ablaufzeit des Kontos geprüft."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1810
+#: sssd-ldap.5.xml:1885
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -5227,7 +5436,7 @@ msgstr ""
"Zugriff erlaubt wird oder nicht."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1816
+#: sssd-ldap.5.xml:1891
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -5240,7 +5449,7 @@ msgstr ""
"Zugriff gewährt wird. Falls diese Attribute fehlen, wird Zugriff erteilt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1825
+#: sssd-ldap.5.xml:1900
msgid ""
"Please note that the ldap_access_order configuration option <emphasis>must</"
"emphasis> include <quote>expire</quote> in order for the "
@@ -5251,29 +5460,29 @@ msgstr ""
"»ldap_account_expire_policy« funktioniert."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1838
+#: sssd-ldap.5.xml:1913
msgid "ldap_access_order (string)"
msgstr "ldap_access_order (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1841
+#: sssd-ldap.5.xml:1916
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
"durch Kommas getrennte Liste von Zugriffssteuerungsoptionen. Folgende Werte "
"sind erlaubt:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1845
+#: sssd-ldap.5.xml:1920
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr "<emphasis>filter</emphasis>: verwendet »ldap_access_filter«."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1848
+#: sssd-ldap.5.xml:1923
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr "<emphasis>expire</emphasis>: verwendet »ldap_account_expire_policy«."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1852
+#: sssd-ldap.5.xml:1927
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
@@ -5282,19 +5491,19 @@ msgstr ""
"»authorizedService«, um zu bestimmen, ob Zugriff gewährt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1857
+#: sssd-ldap.5.xml:1932
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
"<emphasis>host</emphasis>: verwendet das Attribut »host«, um zu bestimmen, "
"ob Zugriff gewährt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1861
+#: sssd-ldap.5.xml:1936
msgid "Default: filter"
msgstr "Voreinstellung: filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1864
+#: sssd-ldap.5.xml:1939
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
@@ -5303,12 +5512,12 @@ msgstr ""
"mehr als einmal benutzt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1871
+#: sssd-ldap.5.xml:1946
msgid "ldap_deref (string)"
msgstr "ldap_deref (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1874
+#: sssd-ldap.5.xml:1949
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
@@ -5317,12 +5526,12 @@ msgstr ""
"folgenden Optionen sind erlaubt:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1879
+#: sssd-ldap.5.xml:1954
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr "<emphasis>never</emphasis>: Alias werden nie dereferenziert."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1883
+#: sssd-ldap.5.xml:1958
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
@@ -5332,7 +5541,7 @@ msgstr ""
"Suche."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1888
+#: sssd-ldap.5.xml:1963
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
@@ -5341,7 +5550,7 @@ msgstr ""
"der Suche dereferenziert."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1893
+#: sssd-ldap.5.xml:1968
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
@@ -5350,7 +5559,7 @@ msgstr ""
"Orten des Basisobjekts der Suche dereferenziert."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1898
+#: sssd-ldap.5.xml:1973
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
@@ -5359,12 +5568,12 @@ msgstr ""
"<emphasis>never</emphasis> gehandhabt.)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1906
+#: sssd-ldap.5.xml:1981
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr "ldap_rfc2307_fallback_to_local_users (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1909
+#: sssd-ldap.5.xml:1984
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
@@ -5373,7 +5582,7 @@ msgstr ""
"beizubehalten, die das Schema RFC2307 benutzen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1913
+#: sssd-ldap.5.xml:1988
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -5391,7 +5600,7 @@ msgstr ""
"getpw*() oder initgroups() abzurufen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1924
+#: sssd-ldap.5.xml:1999
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -5417,57 +5626,57 @@ msgstr ""
"type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1940
+#: sssd-ldap.5.xml:2015
msgid "SUDO OPTIONS"
msgstr "SUDO-OPTIONEN"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1944
+#: sssd-ldap.5.xml:2019
msgid "ldap_sudorule_object_class (string)"
msgstr "ldap_sudorule_object_class (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1947
+#: sssd-ldap.5.xml:2022
msgid "The object class of a sudo rule entry in LDAP."
msgstr "die Objektklasse eines Sudo-Regeleintrags in LDAP"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1950
+#: sssd-ldap.5.xml:2025
msgid "Default: sudoRole"
msgstr "Voreinstellung: sudoRole"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1956
+#: sssd-ldap.5.xml:2031
msgid "ldap_sudorule_name (string)"
msgstr "ldap_sudorule_name (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1959
+#: sssd-ldap.5.xml:2034
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr "das LDAP-Attribut, das dem Namen der Sudo-Regel entspricht"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1969
+#: sssd-ldap.5.xml:2044
msgid "ldap_sudorule_command (string)"
msgstr "ldap_sudorule_command (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1972
+#: sssd-ldap.5.xml:2047
msgid "The LDAP attribute that corresponds to the command name."
msgstr "das LDAP-Attribut, das dem Namen des Befehls entspricht"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1976
+#: sssd-ldap.5.xml:2051
msgid "Default: sudoCommand"
msgstr "Voreinstellung: sudoCommand"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1982
+#: sssd-ldap.5.xml:2057
msgid "ldap_sudorule_host (string)"
msgstr "ldap_sudorule_host (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1985
+#: sssd-ldap.5.xml:2060
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
@@ -5476,17 +5685,17 @@ msgstr ""
"Netzwerk oder des Netzwerkgruppe des Rechners) entspricht"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1990
+#: sssd-ldap.5.xml:2065
msgid "Default: sudoHost"
msgstr "Voreinstellung: sudoHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1996
+#: sssd-ldap.5.xml:2071
msgid "ldap_sudorule_user (string)"
msgstr "ldap_sudorule_user (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1999
+#: sssd-ldap.5.xml:2074
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
@@ -5495,32 +5704,32 @@ msgstr ""
"oder der Netzwerkgruppe des Benutzers) entspricht"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2003
+#: sssd-ldap.5.xml:2078
msgid "Default: sudoUser"
msgstr "Voreinstellung: sudoUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2009
+#: sssd-ldap.5.xml:2084
msgid "ldap_sudorule_option (string)"
msgstr "ldap_sudorule_option (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2012
+#: sssd-ldap.5.xml:2087
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr "das LDAP-Attribut, das den Sudo-Optionen entspricht"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2016
+#: sssd-ldap.5.xml:2091
msgid "Default: sudoOption"
msgstr "Voreinstellung: sudoOption"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2022
+#: sssd-ldap.5.xml:2097
msgid "ldap_sudorule_runasuser (string)"
msgstr "ldap_sudorule_runasuser (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2025
+#: sssd-ldap.5.xml:2100
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
@@ -5529,17 +5738,17 @@ msgstr ""
"ausgeführt werden können"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2029
+#: sssd-ldap.5.xml:2104
msgid "Default: sudoRunAsUser"
msgstr "Voreinstellung: sudoRunAsUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2035
+#: sssd-ldap.5.xml:2110
msgid "ldap_sudorule_runasgroup (string)"
msgstr "ldap_sudorule_runasgroup (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2038
+#: sssd-ldap.5.xml:2113
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
@@ -5548,17 +5757,17 @@ msgstr ""
"worunter Befehle ausgeführt werden können"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2042
+#: sssd-ldap.5.xml:2117
msgid "Default: sudoRunAsGroup"
msgstr "Voreinstellung: sudoRunAsGroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2048
+#: sssd-ldap.5.xml:2123
msgid "ldap_sudorule_notbefore (string)"
msgstr "ldap_sudorule_notbefore (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2051
+#: sssd-ldap.5.xml:2126
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
@@ -5567,17 +5776,17 @@ msgstr ""
"Sudo-Regel gültig wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2055
+#: sssd-ldap.5.xml:2130
msgid "Default: sudoNotBefore"
msgstr "Voreinstellung: sudoNotBefore"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2061
+#: sssd-ldap.5.xml:2136
msgid "ldap_sudorule_notafter (string)"
msgstr "ldap_sudorule_notafter (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2064
+#: sssd-ldap.5.xml:2139
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
@@ -5586,32 +5795,32 @@ msgstr ""
"der die Sudo-Regel nicht länger gültig ist."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2069
+#: sssd-ldap.5.xml:2144
msgid "Default: sudoNotAfter"
msgstr "Voreinstellung: sudoNotAfter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2075
+#: sssd-ldap.5.xml:2150
msgid "ldap_sudorule_order (string)"
msgstr "ldap_sudorule_order (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2078
+#: sssd-ldap.5.xml:2153
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr "das LDAP-Attribut, das dem Reihenfolgenindex der Regel entspricht"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2082
+#: sssd-ldap.5.xml:2157
msgid "Default: sudoOrder"
msgstr "Voreinstellung: sudoOrder"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2088
+#: sssd-ldap.5.xml:2163
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr "ldap_sudo_full_refresh_interval (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2091
+#: sssd-ldap.5.xml:2166
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
@@ -5622,7 +5831,7 @@ msgstr ""
# FIXME s# </emphasis>#</emphasis>#
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2171
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
@@ -5631,17 +5840,17 @@ msgstr ""
"emphasis> sein."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2101
+#: sssd-ldap.5.xml:2176
msgid "Default: 21600 (6 hours)"
msgstr "Voreinstellung: 21600 (6 Stunden)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2107
+#: sssd-ldap.5.xml:2182
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr "ldap_sudo_smart_refresh_interval (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2110
+#: sssd-ldap.5.xml:2185
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -5652,7 +5861,7 @@ msgstr ""
"höchste USN der zwischengespeicherten Regeln haben, heruntergeladen werden)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2116
+#: sssd-ldap.5.xml:2191
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
@@ -5661,12 +5870,12 @@ msgstr ""
"das Attribut »modifyTimestamp« benutzt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2126
+#: sssd-ldap.5.xml:2201
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr "ldap_sudo_use_host_filter (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2129
+#: sssd-ldap.5.xml:2204
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
@@ -5676,12 +5885,12 @@ msgstr ""
"Netzwerkadressen und Rechnernamen)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2140
+#: sssd-ldap.5.xml:2215
msgid "ldap_sudo_hostnames (string)"
msgstr "ldap_sudo_hostnames (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2143
+#: sssd-ldap.5.xml:2218
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
@@ -5690,7 +5899,7 @@ msgstr ""
"Domain-Namen, die zum Filtern der Regeln benutzt werden sollen"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2148
+#: sssd-ldap.5.xml:2223
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
@@ -5699,8 +5908,8 @@ msgstr ""
"voll qualifizierten Domain-Namen automatisch herauszufinden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2153 sssd-ldap.5.xml:2176 sssd-ldap.5.xml:2194
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2228 sssd-ldap.5.xml:2251 sssd-ldap.5.xml:2269
+#: sssd-ldap.5.xml:2287
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
@@ -5709,17 +5918,17 @@ msgstr ""
"emphasis> ist, hat diese Option keine Auswirkungen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2158 sssd-ldap.5.xml:2181
+#: sssd-ldap.5.xml:2233 sssd-ldap.5.xml:2256
msgid "Default: not specified"
msgstr "Voreinstellung: nicht angegeben"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2239
msgid "ldap_sudo_ip (string)"
msgstr "ldap_sudo_ip (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2167
+#: sssd-ldap.5.xml:2242
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
@@ -5728,7 +5937,7 @@ msgstr ""
"Netzwerkadressen, die zum Filtern der Regeln benutzt werden sollen"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2172
+#: sssd-ldap.5.xml:2247
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
@@ -5737,12 +5946,12 @@ msgstr ""
"herauszufinden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2187
+#: sssd-ldap.5.xml:2262
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr "ldap_sudo_include_netgroups (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2265
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
@@ -5751,12 +5960,12 @@ msgstr ""
"eine Netzgruppe im Attribut »sudoHost« enthält."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2205
+#: sssd-ldap.5.xml:2280
msgid "ldap_sudo_include_regexp (boolean)"
msgstr "ldap_sudo_include_regexp (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2283
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
@@ -5765,12 +5974,7 @@ msgstr ""
"einen Platzhalter im Attribut »sudoHost« enthält."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1942
-msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
-msgstr "<placeholder type=\"variablelist\" id=\"0\"/>"
-
-#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2224
+#: sssd-ldap.5.xml:2299
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -5783,12 +5987,12 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2234
+#: sssd-ldap.5.xml:2309
msgid "AUTOFS OPTIONS"
msgstr "AUTOFS-OPTIONEN"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2236
+#: sssd-ldap.5.xml:2311
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
@@ -5797,47 +6001,68 @@ msgstr ""
"entsprechen. "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2242
+#: sssd-ldap.5.xml:2317
+#, fuzzy
+#| msgid "ldap_autofs_map_name (string)"
+msgid "ldap_autofs_map_master_name (string)"
+msgstr "ldap_autofs_map_name (Zeichenkette)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2320
+#, fuzzy
+#| msgid "The name of an automount map entry in LDAP."
+msgid "The name of the automount master map in LDAP."
+msgstr "der Name eines Automount-Abbildungseintrags in LDAP"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2323
+#, fuzzy
+#| msgid "Default: sudoUser"
+msgid "Default: auto.master"
+msgstr "Voreinstellung: sudoUser"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2330
msgid "ldap_autofs_map_object_class (string)"
msgstr "ldap_autofs_map_object_class (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2245 sssd-ldap.5.xml:2271
+#: sssd-ldap.5.xml:2333 sssd-ldap.5.xml:2359
msgid "The object class of an automount map entry in LDAP."
msgstr "die Objektklasse eines Automount-Abbildungseintrags in LDAP"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2248 sssd-ldap.5.xml:2275
+#: sssd-ldap.5.xml:2336 sssd-ldap.5.xml:2363
msgid "Default: automountMap"
msgstr "Voreinstellung: automountMap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2255
+#: sssd-ldap.5.xml:2343
msgid "ldap_autofs_map_name (string)"
msgstr "ldap_autofs_map_name (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2258
+#: sssd-ldap.5.xml:2346
msgid "The name of an automount map entry in LDAP."
msgstr "der Name eines Automount-Abbildungseintrags in LDAP"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2349
msgid "Default: ou"
msgstr "Voreinstellung: ou"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2268
+#: sssd-ldap.5.xml:2356
msgid "ldap_autofs_entry_object_class (string)"
msgstr "ldap_autofs_entry_object_class (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2370
msgid "ldap_autofs_entry_key (string)"
msgstr "ldap_autofs_entry_key (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2285 sssd-ldap.5.xml:2299
+#: sssd-ldap.5.xml:2373 sssd-ldap.5.xml:2387
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
@@ -5846,22 +6071,28 @@ msgstr ""
"Eintrag einem Einhängepunkt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2296
+#: sssd-ldap.5.xml:2384
msgid "ldap_autofs_entry_value (string)"
msgstr "ldap_autofs_entry_value (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2303
+#: sssd-ldap.5.xml:2391
msgid "Default: automountInformation"
msgstr "Voreinstellung: automountInformation"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2240
+#: sssd-ldap.5.xml:2315
+#, fuzzy
+#| msgid ""
+#| "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
+#| "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
+#| "<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type="
+#| "\"variablelist\" id=\"4\"/>"
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type="
-"\"variablelist\" id=\"4\"/>"
+"\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>"
msgstr ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -5869,102 +6100,37 @@ msgstr ""
"\"variablelist\" id=\"4\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2313
+#: sssd-ldap.5.xml:2401
msgid "ADVANCED OPTIONS"
msgstr "ERWEITERTE OPTIONEN"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2320
+#: sssd-ldap.5.xml:2408
msgid "ldap_netgroup_search_base (string)"
msgstr "ldap_netgroup_search_base (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2325
+#: sssd-ldap.5.xml:2413
msgid "ldap_user_search_base (string)"
msgstr "ldap_user_search_base (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2330
+#: sssd-ldap.5.xml:2418
msgid "ldap_group_search_base (string)"
msgstr "ldap_group_search_base (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2335
-msgid "ldap_user_search_filter (string)"
-msgstr "ldap_user_search_filter (Zeichenkette)"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2338
-msgid ""
-"This option specifies an additional LDAP search filter criteria that "
-"restrict user searches."
-msgstr ""
-"Diese Option gibt ein zusätzliches LDAP-Suchfilterkriterium an, das die "
-"Benutzersuche einschränkt."
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2342
-msgid ""
-"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
-"by ldap_user_search_base."
-msgstr ""
-"Diese Option ist zugunsten von der durch »ldap_user_search_base« benutzten "
-"Syntax <emphasis>missbilligt</emphasis>."
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2352
-#, no-wrap
-msgid ""
-" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
-" "
-msgstr ""
-" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
-" "
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2355
-msgid ""
-"This filter would restrict user searches to users that have their shell set "
-"to /bin/tcsh."
-msgstr ""
-"Dieser Filter würde die Benutzersuche auf Benutzer beschränken, deren Shell "
-"auf /bin/tcsh gesetzt ist."
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2362
-msgid "ldap_group_search_filter (string)"
-msgstr "ldap_group_search_filter (Zeichenkette)"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2365
-msgid ""
-"This option specifies an additional LDAP search filter criteria that "
-"restrict group searches."
-msgstr ""
-"Diese Option gibt ein zusätzliches LDAP-Suchfilterkriterium an, das "
-"Gruppensuchen einschränkt."
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2369
-msgid ""
-"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
-"by ldap_group_search_base."
-msgstr ""
-"Diese Option ist <emphasis>missbilligt</emphasis> zugunsten von der durch "
-"»ldap_group_search_base« benutzten Syntax."
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2379
+#: sssd-ldap.5.xml:2423
msgid "ldap_sudo_search_base (string)"
msgstr "ldap_sudo_search_base (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2384
+#: sssd-ldap.5.xml:2428
msgid "ldap_autofs_search_base (string)"
msgstr "ldap_autofs_search_base (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2315
+#: sssd-ldap.5.xml:2403
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -5975,7 +6141,7 @@ msgstr ""
"falls Sie wissen, was Sie tun. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2401
+#: sssd-ldap.5.xml:2445
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -5986,7 +6152,7 @@ msgstr ""
"gesetzt ist."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2407
+#: sssd-ldap.5.xml:2451
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -6006,20 +6172,20 @@ msgstr ""
" cache_credentials = true\n"
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2406 sssd-simple.5.xml:139 sssd-ipa.5.xml:767
-#: sssd-ad.5.xml:301 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:535
-#: include/ldap_id_mapping.xml:63
+#: sssd-ldap.5.xml:2450 sssd-simple.5.xml:139 sssd-ipa.5.xml:560
+#: sssd-ad.5.xml:454 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528
+#: include/ldap_id_mapping.xml:105
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "<placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2419 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:316
-#: sss_seed.8.xml:163
+#: sssd-ldap.5.xml:2463 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:469
+#: sssd.8.xml:191 sss_seed.8.xml:163
msgid "NOTES"
msgstr "ANMERKUNGEN"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2421
+#: sssd-ldap.5.xml:2465
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -6053,13 +6219,21 @@ msgstr "PAM-Modul für SSSD"
# FIXME s/<replaceable>/<literal>
#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: pam_sss.8.xml:24
+#, fuzzy
+#| msgid ""
+#| "<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</"
+#| "replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</"
+#| "replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</"
+#| "replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</"
+#| "replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> "
+#| "</arg>"
msgid ""
"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</"
"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</"
"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</"
"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</"
"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </"
-"arg>"
+"arg> <arg choice='opt'> <replaceable>ignore_unknown_user</replaceable> </arg>"
msgstr ""
"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</"
"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</"
@@ -6069,7 +6243,7 @@ msgstr ""
"arg>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: pam_sss.8.xml:45
+#: pam_sss.8.xml:48
msgid ""
"<command>pam_sss.so</command> is the PAM interface to the System Security "
"Services daemon (SSSD). Errors and results are logged through "
@@ -6081,22 +6255,22 @@ msgstr ""
"Fertigkeit LOG_AUTHPRIV protokolliert."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: pam_sss.8.xml:55
+#: pam_sss.8.xml:58
msgid "<option>quiet</option>"
msgstr "<option>quiet</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: pam_sss.8.xml:58
+#: pam_sss.8.xml:61
msgid "Suppress log messages for unknown users."
msgstr "unterdrückt Protokollnachrichten für unbekannte Benutzer"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: pam_sss.8.xml:63
+#: pam_sss.8.xml:66
msgid "<option>forward_pass</option>"
msgstr "<option>forward_pass</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: pam_sss.8.xml:66
+#: pam_sss.8.xml:69
msgid ""
"If <option>forward_pass</option> is set the entered password is put on the "
"stack for other PAM modules to use."
@@ -6106,12 +6280,12 @@ msgstr ""
"es nutzen können."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: pam_sss.8.xml:73
+#: pam_sss.8.xml:76
msgid "<option>use_first_pass</option>"
msgstr "<option>use_first_pass</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: pam_sss.8.xml:76
+#: pam_sss.8.xml:79
msgid ""
"The argument use_first_pass forces the module to use a previous stacked "
"modules password and will never prompt the user - if no password is "
@@ -6123,12 +6297,12 @@ msgstr ""
"ungeeignet ist, wird dem Benutzer der Zugriff verwehrt."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: pam_sss.8.xml:84
+#: pam_sss.8.xml:87
msgid "<option>use_authtok</option>"
msgstr "<option>use_authtok</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: pam_sss.8.xml:87
+#: pam_sss.8.xml:90
msgid ""
"When password changing enforce the module to set the new password to the one "
"provided by a previously stacked password module."
@@ -6138,12 +6312,12 @@ msgstr ""
"bereitgestellt wird."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
-#: pam_sss.8.xml:94
+#: pam_sss.8.xml:97
msgid "<option>retry=N</option>"
msgstr "<option>retry=N</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: pam_sss.8.xml:97
+#: pam_sss.8.xml:100
msgid ""
"If specified the user is asked another N times for a password if "
"authentication fails. Default is 0."
@@ -6152,7 +6326,7 @@ msgstr ""
"gefragt, falls die Authentifizierung fehlschlägt. Voreinstellung ist 0."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: pam_sss.8.xml:99
+#: pam_sss.8.xml:102
msgid ""
"Please note that this option might not work as expected if the application "
"calling PAM handles the user dialog on its own. A typical example is "
@@ -6163,13 +6337,27 @@ msgstr ""
"selbst abwickelt. Ein typisches Beispiel ist <command>sshd</command> mit "
"<option>PasswordAuthentication</option>."
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:111
+#, fuzzy
+#| msgid "<option>forward_pass</option>"
+msgid "<option>ignore_unknown_user</option>"
+msgstr "<option>forward_pass</option>"
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:114
+msgid ""
+"If this option is specified and the user does not exist, the PAM module will "
+"return PAM_IGNORE. This causes the PAM framework to ignore this module."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><title>
-#: pam_sss.8.xml:110
+#: pam_sss.8.xml:123
msgid "MODULE TYPES PROVIDED"
msgstr "BEREITGESTELLTE MODULTYPEN"
#. type: Content of: <reference><refentry><refsect1><para>
-#: pam_sss.8.xml:111
+#: pam_sss.8.xml:124
msgid ""
"All module types (<option>account</option>, <option>auth</option>, "
"<option>password</option> and <option>session</option>) are provided."
@@ -6179,12 +6367,12 @@ msgstr ""
"bereitgestellt."
#. type: Content of: <reference><refentry><refsect1><title>
-#: pam_sss.8.xml:117
+#: pam_sss.8.xml:130
msgid "FILES"
msgstr "DATEIEN"
#. type: Content of: <reference><refentry><refsect1><para>
-#: pam_sss.8.xml:118
+#: pam_sss.8.xml:131
msgid ""
"If a password reset by root fails, because the corresponding SSSD provider "
"does not support password resets, an individual message can be displayed. "
@@ -6196,7 +6384,7 @@ msgstr ""
"Anweisungen enthalten, wie ein Passwort zurückgesetzt wird."
#. type: Content of: <reference><refentry><refsect1><para>
-#: pam_sss.8.xml:123
+#: pam_sss.8.xml:136
msgid ""
"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</"
"filename> where LOC stands for a locale string returned by <citerefentry> "
@@ -6216,7 +6404,7 @@ msgstr ""
"Leserechte haben dürfen."
#. type: Content of: <reference><refentry><refsect1><para>
-#: pam_sss.8.xml:133
+#: pam_sss.8.xml:146
msgid ""
"These files are searched in the directory <filename>/etc/sssd/customize/"
"DOMAIN_NAME/</filename>. If no matching file is present a generic message is "
@@ -6231,9 +6419,29 @@ msgstr ""
msgid "sssd_krb5_locator_plugin"
msgstr "sssd_krb5_locator_plugin"
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd_krb5_locator_plugin.8.xml:16
+#, fuzzy
+#| msgid "sssd_krb5_locator_plugin"
+msgid "Kerberos locator plugin"
+msgstr "sssd_krb5_locator_plugin"
+
# Fixme: missing period at the end of the section
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd_krb5_locator_plugin.8.xml:22
+#, fuzzy
+#| msgid ""
+#| "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> "
+#| "is used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</"
+#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the "
+#| "Kerberos libraries what Realm and which KDC to use. Typically this is "
+#| "done in <citerefentry> <refentrytitle>krb5.conf</refentrytitle> "
+#| "<manvolnum>5</manvolnum> </citerefentry> which is always read by the "
+#| "Kerberos libraries. To simplify the configuration the Realm and the KDC "
+#| "can be defined in <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
+#| "<manvolnum>5</manvolnum> </citerefentry> as described in <citerefentry> "
+#| "<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+#| "citerefentry>"
msgid ""
"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is "
"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</"
@@ -6244,7 +6452,7 @@ msgid ""
"To simplify the configuration the Realm and the KDC can be defined in "
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> as described in <citerefentry> "
-"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry>"
msgstr ""
"Die Kerberos-Locator-Erweiterung <command>sssd_krb5_locator_plugin</command> "
@@ -6425,7 +6633,7 @@ msgstr ""
"Lokale Gruppen werden nicht ausgewertet."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:84
+#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:89
msgid ""
"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> "
"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -6486,6 +6694,11 @@ msgstr ""
msgid "sssd-ipa"
msgstr "sssd-ipa"
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-ipa.5.xml:17
+msgid "SSSD IPA provider"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ipa.5.xml:23
msgid ""
@@ -6611,7 +6824,7 @@ msgstr ""
"zu identifizieren."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:116 sssd-ad.5.xml:167
+#: sssd-ipa.5.xml:116 sssd-ad.5.xml:320
msgid "dyndns_update (boolean)"
msgstr "dyndns_update (Boolesch)"
@@ -6631,7 +6844,7 @@ msgstr ""
"»dyndns_iface« keine andere angegeben wurde."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:128 sssd-ad.5.xml:181
+#: sssd-ipa.5.xml:128 sssd-ad.5.xml:334
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
@@ -6653,12 +6866,12 @@ msgstr ""
"Konfigurationsdatei migrieren."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:145 sssd-ad.5.xml:192
+#: sssd-ipa.5.xml:145 sssd-ad.5.xml:345
msgid "dyndns_ttl (integer)"
msgstr "dyndns_ttl (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:148 sssd-ad.5.xml:195
+#: sssd-ipa.5.xml:148 sssd-ad.5.xml:348
msgid ""
"The TTL to apply to the client DNS record when updating it. If "
"dyndns_update is false this has no effect. This will override the TTL "
@@ -6687,12 +6900,12 @@ msgid "Default: 1200 (seconds)"
msgstr "Voreinstellung: 1200 (Sekunden)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:165 sssd-ad.5.xml:206
+#: sssd-ipa.5.xml:165 sssd-ad.5.xml:359
msgid "dyndns_iface (string)"
msgstr "dyndns_iface (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:168 sssd-ad.5.xml:209
+#: sssd-ipa.5.xml:168 sssd-ad.5.xml:362
msgid ""
"Optional. Applicable only when dyndns_update is true. Choose the interface "
"whose IP address should be used for dynamic DNS updates."
@@ -6724,7 +6937,7 @@ msgid "ipa_enable_dns_sites (boolean)"
msgstr "ipa_enable_dns_sites (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:188 sssd-ad.5.xml:147
+#: sssd-ipa.5.xml:188 sssd-ad.5.xml:152
msgid "Enables DNS sites - location based service discovery."
msgstr "aktiviert DNS-Sites – standortbasierte Dienstsuche"
@@ -6749,12 +6962,12 @@ msgstr ""
"gefundenen als Sicherungsserver."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:211 sssd-ad.5.xml:220
+#: sssd-ipa.5.xml:211 sssd-ad.5.xml:373
msgid "dyndns_refresh_interval (integer)"
msgstr "dyndns_refresh_interval (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:214 sssd-ad.5.xml:223
+#: sssd-ipa.5.xml:214 sssd-ad.5.xml:376
msgid ""
"How often should the back end perform periodic DNS update in addition to the "
"automatic update performed when the back end goes online. This option is "
@@ -6765,12 +6978,12 @@ msgstr ""
"Diese Option ist optional und nur anwendbar, wenn »dyndns_update« »true« ist."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:227 sssd-ad.5.xml:236
+#: sssd-ipa.5.xml:227 sssd-ad.5.xml:389
msgid "dyndns_update_ptr (bool)"
msgstr "dyndns_update_ptr (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:230 sssd-ad.5.xml:239
+#: sssd-ipa.5.xml:230 sssd-ad.5.xml:392
msgid ""
"Whether the PTR record should also be explicitly updated when updating the "
"client's DNS records. Applicable only when dyndns_update is true."
@@ -6795,12 +7008,12 @@ msgid "Default: False (disabled)"
msgstr "Voreinstellung: False (deaktiviert)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:247 sssd-ad.5.xml:250
+#: sssd-ipa.5.xml:247 sssd-ad.5.xml:403
msgid "dyndns_force_tcp (bool)"
msgstr "dyndns_force_tcp (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:250 sssd-ad.5.xml:253
+#: sssd-ipa.5.xml:250 sssd-ad.5.xml:406
msgid ""
"Whether the nsupdate utility should default to using TCP for communicating "
"with the DNS server."
@@ -6809,7 +7022,7 @@ msgstr ""
"DNS-Server verwenden soll"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:254 sssd-ad.5.xml:257
+#: sssd-ipa.5.xml:254 sssd-ad.5.xml:410
msgid "Default: False (let nsupdate choose the protocol)"
msgstr "Voreinstellung: False (lässt Nsupdate das Protokoll auswählen)"
@@ -6843,7 +7056,7 @@ msgstr ""
"Rechnerobjekte"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:280 sssd-ipa.5.xml:304 sssd-ipa.5.xml:323 sssd-ipa.5.xml:342
+#: sssd-ipa.5.xml:280 sssd-ipa.5.xml:299 sssd-ipa.5.xml:318 sssd-ipa.5.xml:337
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
@@ -6851,76 +7064,64 @@ msgstr ""
"Informationen über das Konfigurieren mehrerer Suchgrundlagen finden Sie "
"unter »ldap_search_base«."
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:285
-msgid ""
-"If filter is given in any of search bases and "
-"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
-"will be ignored."
-msgstr ""
-"Falls in irgendeiner der Suchgrundlagen ein Filter angegeben wurde und "
-"<emphasis>ipa_hbac_support_srchost</emphasis> auf »False« gesetzt ist, wird "
-"der Filter ignoriert."
-
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:290 sssd-ipa.5.xml:309 include/ldap_search_bases.xml:23
-#: include/ldap_search_bases_experimental.xml:23
+#: sssd-ipa.5.xml:285 sssd-ipa.5.xml:304 include/ldap_search_bases.xml:27
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr "Voreinstellung: der Wert von <emphasis>ldap_search_base</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:297
+#: sssd-ipa.5.xml:292
msgid "ipa_selinux_search_base (string)"
msgstr "ipa_selinux_search_base (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:300
+#: sssd-ipa.5.xml:295
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
"optional, verwendet die angegebene Zeichenkette als Suchgrundlage für "
"SELinux-Benutzerabbildungen"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:316
+#: sssd-ipa.5.xml:311
msgid "ipa_subdomains_search_base (string)"
msgstr "ipa_subdomains_search_base (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:319
+#: sssd-ipa.5.xml:314
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
"optional, verwendet die angegebene Zeichenkette als Suchgrundlage für "
"vertrauenswürdige Domains"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:328
+#: sssd-ipa.5.xml:323
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr "Voreinstellung: der Wert von <emphasis>cn=trusts,%basedn</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:335
+#: sssd-ipa.5.xml:330
msgid "ipa_master_domain_search_base (string)"
msgstr "ipa_master_domain_search_base (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:338
+#: sssd-ipa.5.xml:333
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
"optional, verwendet die angegebene Zeichenkette als Suchgrundlage für das "
"Master-Domain-Objekt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:347
+#: sssd-ipa.5.xml:342
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr "Voreinstellung: der Wert von <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:354 sssd-krb5.5.xml:252
+#: sssd-ipa.5.xml:349 sssd-krb5.5.xml:245
msgid "krb5_validate (boolean)"
msgstr "krb5_validate (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:357
+#: sssd-ipa.5.xml:352
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
@@ -6928,7 +7129,7 @@ msgstr ""
"prüft mit Hilfe von »krb5_keytab«, ob das erhaltene TGT keine Täuschung ist."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:364 sssd-ad.5.xml:277
+#: sssd-ipa.5.xml:359 sssd-ad.5.xml:430
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
@@ -6937,7 +7138,7 @@ msgstr ""
"Kerberos-Anbieters unterscheidet."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:374
+#: sssd-ipa.5.xml:369
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
@@ -6946,7 +7147,7 @@ msgstr ""
"Wert von »ipa_domain«."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:378
+#: sssd-ipa.5.xml:373
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
@@ -6956,7 +7157,7 @@ msgstr ""
"zu verwenden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:389
+#: sssd-ipa.5.xml:384
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -6967,12 +7168,76 @@ msgstr ""
"Funktionalität ist mit Kerberos >= 1.7 verfügbar."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:402
+#: sssd-ipa.5.xml:397 sssd-krb5.5.xml:407
+msgid "krb5_use_fast (string)"
+msgstr "krb5_use_fast (Zeichenkette)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:400 sssd-krb5.5.xml:410
+msgid ""
+"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
+"authentication. The following options are supported:"
+msgstr ""
+"Schaltet das flexible Authentifizierungs-Sicherheits-Tunneln (FAST) für die "
+"Vorauthentifizierung von Kerberos ein. Die folgenden Optionen werden "
+"unterstützt:"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:405
+#, fuzzy
+#| msgid "<emphasis>h</emphasis> for hours"
+msgid "<emphasis>never</emphasis> use FAST."
+msgstr "<emphasis>h</emphasis> für Stunden"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:408
+#, fuzzy
+#| msgid ""
+#| "<emphasis>try</emphasis> to use FAST. If the server does not support "
+#| "FAST, continue the authentication without it."
+msgid ""
+"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
+"continue the authentication without it. This is equivalent to not setting "
+"this option at all."
+msgstr ""
+"<emphasis>try</emphasis>: Es wird versucht, FAST zu benutzen. Falls der "
+"Server kein FAST unterstützt, fährt die Authentifizierung ohne fort."
+
+# FIXME s/fast/FAST/
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:414 sssd-krb5.5.xml:424
+msgid ""
+"<emphasis>demand</emphasis> to use FAST. The authentication fails if the "
+"server does not require fast."
+msgstr ""
+"<emphasis>demand</emphasis>: Fragt nach, ob FAST benutzt werden soll. Die "
+"Authentifizierung schlägt fehl, falls der Server kein FAST erfordert."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:419
+#, fuzzy
+#| msgid "Default: true"
+msgid "Default: try"
+msgstr "Voreinstellung: »true«"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:435
+msgid ""
+"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
+"SSSD is used with an older version of MIT Kerberos, using this option is a "
+"configuration error."
+msgstr ""
+"HINWEIS: SSSD unterstützt FAST nur mit MIT-Kerberos-Version 1.8 und neuer. "
+"Falls SSSD mit einer älteren Version von MIT-Kerberos benutzt wird, ist die "
+"Verwendung dieser Option ein Konfigurationsfehler."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:431
msgid "ipa_hbac_refresh (integer)"
msgstr "ipa_hbac_refresh (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:405
+#: sssd-ipa.5.xml:434
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -6983,17 +7248,17 @@ msgstr ""
"Zugriffssteuerungsanfragen in einer kurzen Zeitspanne ankommen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:412 sssd-ipa.5.xml:428
+#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457
msgid "Default: 5 (seconds)"
msgstr "Voreinstellung: 5 (Sekunden)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:418
+#: sssd-ipa.5.xml:447
msgid "ipa_hbac_selinux (integer)"
msgstr "ipa_hbac_selinux (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:421
+#: sssd-ipa.5.xml:450
msgid ""
"The amount of time between lookups of the SELinux maps against the IPA "
"server. This will reduce the latency and load on the IPA server if there are "
@@ -7004,12 +7269,12 @@ msgstr ""
"viele Benutzeranmeldeanfragen in einer kurzen Zeitspanne ankommen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:434
+#: sssd-ipa.5.xml:463
msgid "ipa_hbac_treat_deny_as (string)"
msgstr "ipa_hbac_treat_deny_as (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:437
+#: sssd-ipa.5.xml:466
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -7023,7 +7288,7 @@ msgstr ""
"Übergangszeit zwei Modi unterstützen:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:446
+#: sssd-ipa.5.xml:475
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
@@ -7032,7 +7297,7 @@ msgstr ""
"werden, wird allen Benutzern der Zugriff verwehrt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:451
+#: sssd-ipa.5.xml:480
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
@@ -7042,47 +7307,23 @@ msgstr ""
"Tor öffnen kann."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:456
+#: sssd-ipa.5.xml:485
msgid "Default: DENY_ALL"
msgstr "Voreinstellung: DENY_ALL"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:462
-msgid "ipa_hbac_support_srchost (boolean)"
-msgstr "ipa_hbac_support_srchost (Boolesch)"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:465
-msgid ""
-"If this is set to false, then srchost as given to SSSD by PAM will be "
-"ignored."
-msgstr ""
-"Falls dies auf »false« gesetzt ist, wird »srchost«, das durch PAM an SSSD "
-"übergeben wurde, ignoriert."
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:469
-msgid ""
-"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
-"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
-msgstr ""
-"Beachten Sie, dass diese Option, falls sie auf <emphasis>False</emphasis> "
-"gesetzt ist, veranlasst, dass in <emphasis>ipa_host_search_base</emphasis> "
-"angegebene Filter ignoriert werden."
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:480
+#: sssd-ipa.5.xml:491
msgid "ipa_server_mode (boolean)"
msgstr "ipa_server_mode (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:483
+#: sssd-ipa.5.xml:494
msgid "This option should only be set by the IPA installer."
msgstr ""
"Diese Option sollte nur durch das IPA-Installationsprogramm gesetzt werden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:487
+#: sssd-ipa.5.xml:498
msgid ""
"The option denotes that the SSSD is running on IPA server and should perform "
"lookups of users and groups from trusted domains differently."
@@ -7092,295 +7333,27 @@ msgstr ""
"durchgeführt werden sollte."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:498
+#: sssd-ipa.5.xml:509
msgid "ipa_automount_location (string)"
msgstr "ipa_automount_location (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:501
+#: sssd-ipa.5.xml:512
msgid "The automounter location this IPA client will be using"
msgstr "der Ort des Automounters, den dieser IPA-Client benutzen wird"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:504
+#: sssd-ipa.5.xml:515
msgid "Default: The location named \"default\""
msgstr "Voreinstellung: der Ort namens »default«"
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:511
-msgid "ipa_netgroup_member_of (string)"
-msgstr "ipa_netgroup_member_of (Zeichenkette)"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:514
-msgid "The LDAP attribute that lists netgroup's memberships."
-msgstr "das LDAP-Attribut, das die Netzgruppenmitgliedschaften aufführt"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:523
-msgid "ipa_netgroup_member_user (string)"
-msgstr "ipa_netgroup_member_user (Zeichenkette)"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:526
-msgid ""
-"The LDAP attribute that lists system users and groups that are direct "
-"members of the netgroup."
-msgstr ""
-"das LDAP-Attribut, das die Systembenutzer und Gruppen aufführt, die direkte "
-"Mitglieder der Netzgruppe sind"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:531 sssd-ipa.5.xml:626
-msgid "Default: memberUser"
-msgstr "Voreinstellung: memberUser"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:536
-msgid "ipa_netgroup_member_host (string)"
-msgstr "ipa_netgroup_member_host (Zeichenkette)"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:539
-msgid ""
-"The LDAP attribute that lists hosts and host groups that are direct members "
-"of the netgroup."
-msgstr ""
-"das LDAP-Attribut, das Rechner und Rechnergruppen aufführt, die direkte "
-"Mitglieder der Netzgruppe sind"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:543 sssd-ipa.5.xml:638
-msgid "Default: memberHost"
-msgstr "Voreinstellung: memberHost"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:548
-msgid "ipa_netgroup_member_ext_host (string)"
-msgstr "ipa_netgroup_member_ext_host (Zeichenkette)"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:551
-msgid ""
-"The LDAP attribute that lists FQDNs of hosts and host groups that are "
-"members of the netgroup."
-msgstr ""
-"das LDAP-Attribut, das FQDNs von Rechnern und Rechnergruppen aufführt, die "
-"direkte Mitglieder der Netzgruppe sind"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:555
-msgid "Default: externalHost"
-msgstr "Voreinstellung: externalHost"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:560
-msgid "ipa_netgroup_domain (string)"
-msgstr "ipa_netgroup_domain (Zeichenkette)"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:563
-msgid "The LDAP attribute that contains NIS domain name of the netgroup."
-msgstr "das LDAP-Attribut, das den NIS-Domain-Namen der Netzgruppe enthält"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:567
-msgid "Default: nisDomainName"
-msgstr "Voreinstellung: nisDomainName"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:573
-msgid "ipa_host_object_class (string)"
-msgstr "ipa_host_object_class (Zeichenkette)"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:576 sssd-ipa.5.xml:599
-msgid "The object class of a host entry in LDAP."
-msgstr "die Objektklasse eines Rechnereintrags in LDAP"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:579 sssd-ipa.5.xml:602
-msgid "Default: ipaHost"
-msgstr "Voreinstellung: ipaHost"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:584
-msgid "ipa_host_fqdn (string)"
-msgstr "ipa_host_fqdn (Zeichenkette)"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:587
-msgid "The LDAP attribute that contains FQDN of the host."
-msgstr "das LDAP-Attribut, das den FQDN des Rechners enthält"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:590
-msgid "Default: fqdn"
-msgstr "Voreinstellung: fqdn"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:596
-msgid "ipa_selinux_usermap_object_class (string)"
-msgstr "ipa_selinux_usermap_object_class (Zeichenkette)"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:607
-msgid "ipa_selinux_usermap_name (string)"
-msgstr "ipa_selinux_usermap_name (Zeichenkette)"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:610
-msgid "The LDAP attribute that contains the name of SELinux usermap."
-msgstr "das LDAP-Attribut, das den Namen der SELinux-Benutzerabbildung enthält"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:619
-msgid "ipa_selinux_usermap_member_user (string)"
-msgstr "ipa_selinux_usermap_member_user (Zeichenkette)"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:622
-msgid ""
-"The LDAP attribute that contains all users / groups this rule match against."
-msgstr ""
-"das LDAP-Attribut, das alle Benutzer/Gruppen enthält, auf die diese Regel "
-"passt"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:631
-msgid "ipa_selinux_usermap_member_host (string)"
-msgstr "ipa_selinux_usermap_member_host (Zeichenkette)"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:634
-msgid ""
-"The LDAP attribute that contains all hosts / hostgroups this rule match "
-"against."
-msgstr ""
-"das LDAP-Attribut, das alle Rechner/Rechnergruppen enthält, auf die diese "
-"Regel passt"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:643
-msgid "ipa_selinux_usermap_see_also (string)"
-msgstr "ipa_selinux_usermap_see_also (Zeichenkette)"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:646
-msgid ""
-"The LDAP attribute that contains DN of HBAC rule which can be used for "
-"matching instead of memberUser and memberHost"
-msgstr ""
-"das LDAP-Attribut, das DNs von HBAC-Regeln enthält, die anstelle von "
-"»memberUser« und »memberHost« zum Abgleich benutzt werden können"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:651
-msgid "Default: seeAlso"
-msgstr "Voreinstellung: seeAlso"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:656
-msgid "ipa_selinux_usermap_selinux_user (string)"
-msgstr "ipa_selinux_usermap_selinux_user (Zeichenkette)"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:659
-msgid "The LDAP attribute that contains SELinux user string itself."
-msgstr "das LDAP-Attribut, das die SELinux-Benutzerzeichenkette selbst enthält"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:663
-msgid "Default: ipaSELinuxUser"
-msgstr "Voreinstellung: ipaSELinuxUser"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:668
-msgid "ipa_selinux_usermap_enabled (string)"
-msgstr "ipa_selinux_usermap_enabled (Zeichenkette)"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:671
-msgid ""
-"The LDAP attribute that contains whether or not is user map enabled for "
-"usage."
-msgstr ""
-"das LDAP-Attribut, das besagt, ob die Benutzerabbildung zur Verwendung "
-"aktiviert ist oder nicht"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:675
-msgid "Default: ipaEnabledFlag"
-msgstr "Voreinstellung: ipaEnabledFlag"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:680
-msgid "ipa_selinux_usermap_user_category (string)"
-msgstr "ipa_selinux_usermap_user_category (Zeichenkette)"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:683
-msgid "The LDAP attribute that contains user category such as 'all'."
-msgstr "das LDAP-Attribut, das die Benutzerkategorie wie etwa »alle« enthält"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:687
-msgid "Default: userCategory"
-msgstr "Voreinstellung: userCategory"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:692
-msgid "ipa_selinux_usermap_host_category (string)"
-msgstr "ipa_selinux_usermap_host_category (Zeichenkette)"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:695
-msgid "The LDAP attribute that contains host category such as 'all'."
-msgstr "das LDAP-Attribut, das die Rechnerkategorie wie etwa »alle« enthält"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:699
-msgid "Default: hostCategory"
-msgstr "Voreinstellung: hostCategory"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:704
-msgid "ipa_selinux_usermap_uuid (string)"
-msgstr "ipa_selinux_usermap_uuid (Zeichenkette)"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:707
-msgid "The LDAP attribute that contains unique ID of the user map."
-msgstr "das LDAP-Attribut, das die eindeutige ID der Benutzerabbildung enthält"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:711
-msgid "Default: ipaUniqueID"
-msgstr "Voreinstellung: ipaUniqueID"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:716
-msgid "ipa_host_ssh_public_key (string)"
-msgstr "ipa_host_ssh_public_key (Zeichenkette)"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:719
-msgid "The LDAP attribute that contains the host's SSH public keys."
-msgstr ""
-"das LDAP-Attribut, das die öffentlichen SSH-Schlüssel des Rechners enthält"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:723
-msgid "Default: ipaSshPubKey"
-msgstr "Voreinstellung: ipaSshPubKey"
-
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ipa.5.xml:732
+#: sssd-ipa.5.xml:525
msgid "SUBDOMAINS PROVIDER"
msgstr "ANBIETER VON UNTER-DOMAINS"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:734
+#: sssd-ipa.5.xml:527
msgid ""
"The IPA subdomains provider behaves slightly differently if it is configured "
"explicitly or implicitly."
@@ -7389,7 +7362,7 @@ msgstr ""
"ob er explizit oder implizit konfiguriert wurde."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:738
+#: sssd-ipa.5.xml:531
msgid ""
"If the option 'subdomains_provider = ipa' is found in the domain section of "
"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
@@ -7400,7 +7373,7 @@ msgstr ""
"und alle Subdomain-Anfragen werden, falls nötig, an den IPA-Server gesandt."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:744
+#: sssd-ipa.5.xml:537
msgid ""
"If the option 'subdomains_provider' is not set in the domain section of sssd."
"conf but there is the option 'id_provider = ipa', the IPA subdomains "
@@ -7419,7 +7392,7 @@ msgstr ""
"online gegangen ist, wird der Subdomain-Anbieter erneut aktiviert."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:761
+#: sssd-ipa.5.xml:554
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -7431,7 +7404,7 @@ msgstr ""
"Optionen von IPA."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:768
+#: sssd-ipa.5.xml:561
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -7449,6 +7422,13 @@ msgstr ""
msgid "sssd-ad"
msgstr "sssd-ad"
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-ad.5.xml:17
+#, fuzzy
+#| msgid "Disable Active Directory range retrieval."
+msgid "SSSD Active Directory provider"
+msgstr "deaktiviert die Bereichsabfrage von Active Directory"
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:23
msgid ""
@@ -7513,9 +7493,14 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:62
+#, fuzzy
+#| msgid ""
+#| "However, it is neither necessary nor recommended to set these options. "
+#| "The AD provider can also be used as an access and chpass provider. No "
+#| "configuration of the access provider is required on the client side."
msgid ""
"However, it is neither necessary nor recommended to set these options. The "
-"AD provider can also be used as an access and chpass provider. No "
+"AD provider can also be used as an access, chpass and sudo provider. No "
"configuration of the access provider is required on the client side."
msgstr ""
"Es ist jedoch weder nötig noch empfohlen, diese Optionen zu setzen. Der AD-"
@@ -7535,14 +7520,25 @@ msgstr ""
# FIXME s/Users/.Users/
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:68
+#, fuzzy
+#| msgid ""
+#| "By default, the AD provider will map UID and GID values from the "
+#| "objectSID parameter in Active Directory. For details on this, see the "
+#| "<quote>ID MAPPING</quote> section below. If you want to disable ID "
+#| "mapping and instead rely on POSIX attributes defined in Active Directory, "
+#| "you should set <placeholder type=\"programlisting\" id=\"0\"/> Users, "
+#| "groups and other entities served by SSSD are always treated as case-"
+#| "insensitive in the AD provider for compatibility with Active Directory's "
+#| "LDAP implementation."
msgid ""
"By default, the AD provider will map UID and GID values from the objectSID "
"parameter in Active Directory. For details on this, see the <quote>ID "
"MAPPING</quote> section below. If you want to disable ID mapping and instead "
"rely on POSIX attributes defined in Active Directory, you should set "
-"<placeholder type=\"programlisting\" id=\"0\"/> Users, groups and other "
-"entities served by SSSD are always treated as case-insensitive in the AD "
-"provider for compatibility with Active Directory's LDAP implementation."
+"<placeholder type=\"programlisting\" id=\"0\"/> In order to retrieve users "
+"and groups using POSIX attributes from trusted domains, the AD administrator "
+"must make sure that the POSIX attributes are replicated to the Global "
+"Catalog."
msgstr ""
"Standardmäßig wird der AD-Anbieter UID- und GID-Werte vom Parameter "
"»objectSID« in Active Directory abbilden. Einzelheiten darüber erfahren Sie "
@@ -7554,13 +7550,21 @@ msgstr ""
"Kompatibilität mit der LDAP-Implementierung von Active Directory nicht "
"berücksichtigt."
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:81
+msgid ""
+"Users, groups and other entities served by SSSD are always treated as case-"
+"insensitive in the AD provider for compatibility with Active Directory's "
+"LDAP implementation."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:91
+#: sssd-ad.5.xml:96
msgid "ad_domain (string)"
msgstr "ad_domain (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:94
+#: sssd-ad.5.xml:99
msgid ""
"Specifies the name of the Active Directory domain. This is optional. If not "
"provided, the configuration domain name is used."
@@ -7569,7 +7573,7 @@ msgstr ""
"nicht angegeben, wird der Name der konfigurierten Domain benutzt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:99
+#: sssd-ad.5.xml:104
msgid ""
"For proper operation, this option should be specified as the lower-case "
"version of the long version of the Active Directory domain."
@@ -7579,7 +7583,7 @@ msgstr ""
"angegeben werden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:104
+#: sssd-ad.5.xml:109
msgid ""
"The short domain name (also known as the NetBIOS or the flat name) is "
"autodetected by the SSSD."
@@ -7588,12 +7592,12 @@ msgstr ""
"SSSD automatisch ermittelt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:111
+#: sssd-ad.5.xml:116
msgid "ad_server, ad_backup_server (string)"
msgstr "ad_server, ad_backup_server (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:114
+#: sssd-ad.5.xml:119
msgid ""
"The comma-separated list of hostnames of the AD servers to which SSSD should "
"connect in order of preference. For more information on failover and server "
@@ -7608,12 +7612,12 @@ msgstr ""
"optional. Weitere Informationen finden Sie im Abschnitt »DIENSTSUCHE«."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:127
+#: sssd-ad.5.xml:132
msgid "ad_hostname (string)"
msgstr "ad_hostname (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:130
+#: sssd-ad.5.xml:135
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the Active Directory domain to identify this "
@@ -7624,7 +7628,7 @@ msgstr ""
"werden, um sie zu identifizieren."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:136
+#: sssd-ad.5.xml:141
msgid ""
"This field is used to determine the host principal in use in the keytab. It "
"must match the hostname for which the keytab was issued."
@@ -7634,12 +7638,12 @@ msgstr ""
"ausgegeben wurde."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:144
+#: sssd-ad.5.xml:149
msgid "ad_enable_dns_sites (boolean)"
msgstr "ad_enable_dns_sites (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:151
+#: sssd-ad.5.xml:156
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, the SSSD will first attempt to discover the "
@@ -7656,8 +7660,173 @@ msgstr ""
"wird ebenfalls einschließlich der Domain zur Aufdeckung bei der Site-"
"Aufdeckung verwendet."
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:172
+#, fuzzy
+#| msgid "ldap_access_filter (string)"
+msgid "ad_access_filter (string)"
+msgstr "ldap_access_filter (Zeichenkette)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:175
+msgid ""
+"This option specifies LDAP access control filter that the user must match in "
+"order to be allowed access. Please note that the <quote>access_provider</"
+"quote> option must be explicitly set to <quote>ad</quote> in order for this "
+"option to have an effect."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:183
+msgid ""
+"The option also supports specifying different filters per domain or forest. "
+"This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. "
+"The keyword can be either <quote>DOM</quote>, <quote>FOREST</quote> or "
+"missing."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:191
+msgid ""
+"If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</"
+"quote> specifies the domain or subdomain the filter applies to. If the "
+"keyword equals to <quote>FOREST</quote>, then the filter equals to all "
+"domains from the forest specified by <quote>NAME</quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:199
+msgid ""
+"Multiple filters can be separated with the <quote>?</quote> character, "
+"similarly to how search bases work."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:170
+#: sssd-ad.5.xml:204
+msgid ""
+"The most specific match is always used. For example, if the option specified "
+"filter for a domain the user is a member of and a global filter, the per-"
+"domain filter would be applied. If there are more matches with the same "
+"specification, the first one is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
+#: sssd-ad.5.xml:215
+#, no-wrap
+msgid ""
+"# apply filter on domain called dom1 only:\n"
+"dom1:(memberOf=cn=admins,ou=groups,dc=dom1,dc=com)\n"
+"\n"
+"# apply filter on domain called dom2 only:\n"
+"DOM:dom2:(memberOf=cn=admins,ou=groups,dc=dom2,dc=com)\n"
+"\n"
+"# apply filter on forest called EXAMPLE.COM only:\n"
+"FOREST:EXAMPLE.COM:(memberOf=cn=admins,ou=groups,dc=example,dc=com)\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:225
+#, fuzzy
+#| msgid "Default: not set"
+msgid "Default: Not set"
+msgstr "Voreinstellung: nicht gesetzt"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:231
+#, fuzzy
+#| msgid "ad_enable_dns_sites (boolean)"
+msgid "ad_enable_gc (boolean)"
+msgstr "ad_enable_dns_sites (Boolesch)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:234
+msgid ""
+"By default, the SSSD connects to the Global Catalog first to retrieve users "
+"from trusted domains and uses the LDAP port to retrieve group memberships or "
+"as a fallback. Disabling this option makes the SSSD only connect to the LDAP "
+"port of the current AD server."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:242
+msgid ""
+"Please note that disabling Global Catalog support does not disable "
+"retrieving users from trusted domains. The SSSD would connect to the LDAP "
+"port of trusted domains instead. However, Global Catalog must be used in "
+"order to resolve cross-domain group memberships."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:256
+#, fuzzy
+#| msgid "ldap_access_order (string)"
+msgid "ad_gpo_access_control (string)"
+msgstr "ldap_access_order (Zeichenkette)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:259
+msgid ""
+"This option specifies the operation mode for GPO-based access control "
+"functionality: whether it operates in disabled mode, enforcing mode, or "
+"permissive mode. Please note that the <quote>access_provider</quote> option "
+"must be explicitly set to <quote>ad</quote> in order for this option to have "
+"an effect."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:268
+msgid ""
+"GPO-based access control functionality uses GPO policy settings to determine "
+"whether or not a particular user is allowed to logon to a particular host."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:274
+msgid ""
+"NOTE: If the operation mode is set to enforcing, it is possible that users "
+"that were previously allowed logon access will now be denied logon access "
+"(as dictated by the GPO policy settings). In order to facilitate a smooth "
+"transition for administrators, a permissive mode is available that will not "
+"enforce the access control rules, but will evaluate them and will output a "
+"syslog message if access would have been denied. By examining the logs, "
+"administrators can then make the necessary changes before setting the mode "
+"to enforcing."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:287
+msgid "There are three supported values for this option:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:291
+msgid ""
+"disabled: GPO-based access control rules are neither evaluated nor enforced."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:297
+msgid "enforcing: GPO-based access control rules are evaluated and enforced."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ad.5.xml:303
+msgid ""
+"permissive: GPO-based access control rules are evaluated, but not enforced. "
+"Instead, a syslog message will be emitted indicating that the user would "
+"have been denied access if this option's value were set to enforcing."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:314
+#, fuzzy
+#| msgid "Default: ipService"
+msgid "Default: permissive"
+msgstr "Voreinstellung: ipService"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:323
msgid ""
"Optional. This option tells SSSD to automatically update the Active "
"Directory DNS server with the IP address of this client. The update is "
@@ -7675,22 +7844,22 @@ msgstr ""
"»dyndns_iface« angegeben wurde."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:200
+#: sssd-ad.5.xml:353
msgid "Default: 3600 (seconds)"
msgstr "Voreinstellung: 3600 (Sekunden)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:214
+#: sssd-ad.5.xml:367
msgid "Default: Use the IP address of the AD LDAP connection"
msgstr "Voreinstellung: verwendet die IP-Adresse der AD-LDAP-Verbindung"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:265 sssd-krb5.5.xml:503
+#: sssd-ad.5.xml:418 sssd-krb5.5.xml:496
msgid "krb5_use_enterprise_principal (boolean)"
msgstr "krb5_use_enterprise_principal (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:268 sssd-krb5.5.xml:506
+#: sssd-ad.5.xml:421 sssd-krb5.5.xml:499
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
@@ -7700,7 +7869,7 @@ msgstr ""
"Abschnitt 5 von RFC 6806."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:295
+#: sssd-ad.5.xml:448
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -7712,7 +7881,7 @@ msgstr ""
"Optionen von AD."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:302
+#: sssd-ad.5.xml:455
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -7736,7 +7905,7 @@ msgstr ""
"ad_domain = example.com\n"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:322
+#: sssd-ad.5.xml:475
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -7748,7 +7917,7 @@ msgstr ""
"ldap_account_expire_policy = ad\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:318
+#: sssd-ad.5.xml:471
msgid ""
"The AD access control provider checks if the account is expired. It has the "
"same effect as the following configuration of the LDAP provider: "
@@ -7759,7 +7928,7 @@ msgstr ""
"<placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:328
+#: sssd-ad.5.xml:481
msgid ""
"However, unless the <quote>ad</quote> access control provider is explicitly "
"configured, the default access provider is <quote>permit</quote>."
@@ -7845,13 +8014,34 @@ msgstr ""
"<citerefentry> <refentrytitle>sudoers.ldap</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> finden."
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:70
+msgid ""
+"<emphasis>Note</emphasis>: in order to use netgroups or IPA hostgroups in "
+"sudo rules, you also need to correctly set <citerefentry> "
+"<refentrytitle>nisdomainname</refentrytitle> <manvolnum>1</manvolnum> </"
+"citerefentry> to your NIS domain name (which equals to IPA domain name when "
+"using hostgroups)."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-sudo.5.xml:72
+#: sssd-sudo.5.xml:82
msgid "Configuring SSSD to fetch sudo rules"
msgstr "SSSD zum Abrufen von Sudo-Regeln konfigurieren"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-sudo.5.xml:74
+#: sssd-sudo.5.xml:84
+msgid ""
+"All configuration that is needed on SSSD side is to extend the list of "
+"<emphasis>services</emphasis> with \"sudo\" in [sssd] section of "
+"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry>. To speed up the LDAP lookups, you can also set "
+"search base for sudo rules using <emphasis>ldap_sudo_search_base</emphasis> "
+"option."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:94
msgid ""
"The following example shows how to configure SSSD to download sudo rules "
"from an LDAP server."
@@ -7860,7 +8050,7 @@ msgstr ""
"Regeln von einem LDAP-Server herunterlädt."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-sudo.5.xml:79
+#: sssd-sudo.5.xml:99
#, no-wrap
msgid ""
"[sssd]\n"
@@ -7886,23 +8076,28 @@ msgstr ""
"ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-sudo.5.xml:92
+#: sssd-sudo.5.xml:112
+#, fuzzy
+#| msgid ""
+#| "When the SSSD is configured to use the IPA provider, the sudo provider is "
+#| "automatically enabled. The sudo search base is configured to use the "
+#| "compat tree (ou=sudoers,$DC)."
msgid ""
-"When the SSSD is configured to use the IPA provider, the sudo provider is "
-"automatically enabled. The sudo search base is configured to use the compat "
-"tree (ou=sudoers,$DC)."
+"When the SSSD is configured to use IPA as the ID provider, the sudo provider "
+"is automatically enabled. The sudo search base is configured to use the "
+"compat tree (ou=sudoers,$DC)."
msgstr ""
"Wenn SSSD zur Verwendung eines IPA-Anbieters konfiguriert wurde, ist der "
"Sudo-Anbieter automatisch aktiviert. Die Suchgrundlage von Sudo ist so "
"konfiguriert, dass sie den Compat-Verzeichnisbaum benutzt (ou=sudoers,$DC)."
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-sudo.5.xml:99
+#: sssd-sudo.5.xml:119
msgid "The SUDO rule caching mechanism"
msgstr "Der Zwischenspeichermechanismus für Sudo-Regeln"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-sudo.5.xml:101
+#: sssd-sudo.5.xml:121
msgid ""
"The biggest challenge, when developing sudo support in SSSD, was to ensure "
"that running sudo with SSSD as the data source provides the same user "
@@ -7920,7 +8115,7 @@ msgstr ""
"Aktualisieren und Regelaktualisierung bezeichnet."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-sudo.5.xml:109
+#: sssd-sudo.5.xml:129
msgid ""
"The <emphasis>smart refresh</emphasis> periodically downloads rules that are "
"new or were modified after the last update. Its primary goal is to keep the "
@@ -7934,7 +8129,7 @@ msgstr ""
"erzeugen."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-sudo.5.xml:115
+#: sssd-sudo.5.xml:135
msgid ""
"The <emphasis>full refresh</emphasis> simply deletes all sudo rules stored "
"in the cache and replaces them with all rules that are stored on the server. "
@@ -7952,7 +8147,7 @@ msgstr ""
"Regeln ausgeführt werden."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-sudo.5.xml:123
+#: sssd-sudo.5.xml:143
msgid ""
"The <emphasis>rules refresh</emphasis> ensures that we do not grant the user "
"more permission than defined. It is triggered each time the user runs sudo. "
@@ -7971,7 +8166,7 @@ msgstr ""
"(die für andere Benutzer gelten) gelöscht wurden."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-sudo.5.xml:132
+#: sssd-sudo.5.xml:152
msgid ""
"If enabled, SSSD will store only rules that can be applied to this machine. "
"This means rules that contain one of the following values in "
@@ -7982,37 +8177,37 @@ msgstr ""
"im Attribut <emphasis>sudoHost</emphasis> enthalten:"
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
-#: sssd-sudo.5.xml:139
+#: sssd-sudo.5.xml:159
msgid "keyword ALL"
msgstr "Schlüsselwort ALL"
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
-#: sssd-sudo.5.xml:144
+#: sssd-sudo.5.xml:164
msgid "wildcard"
msgstr "Platzhalter"
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
-#: sssd-sudo.5.xml:149
+#: sssd-sudo.5.xml:169
msgid "netgroup (in the form \"+netgroup\")"
msgstr "Netzgruppe (in der Form »+Netzgruppe«)"
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
-#: sssd-sudo.5.xml:154
+#: sssd-sudo.5.xml:174
msgid "hostname or fully qualified domain name of this machine"
msgstr "Rechnername oder voll qualifizierter Domain-Namen dieser Maschine"
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
-#: sssd-sudo.5.xml:159
+#: sssd-sudo.5.xml:179
msgid "one of the IP addresses of this machine"
msgstr "eine der IP-Adressen dieser Maschine"
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
-#: sssd-sudo.5.xml:164
+#: sssd-sudo.5.xml:184
msgid "one of the IP addresses of the network (in the form \"address/mask\")"
msgstr "eine der IP-Adressen des Netzwerks (in der Form »Adresse/Maske«)"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-sudo.5.xml:170
+#: sssd-sudo.5.xml:190
msgid ""
"There are many configuration options that can be used to adjust the "
"behavior. Please refer to \"ldap_sudo_*\" in <citerefentry> "
@@ -8241,6 +8436,19 @@ msgstr ""
"teilt SSSD mit, dass es sofort online gehen soll. Dies ist meist zu "
"Testzwecken nützlich."
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.8.xml:193
+#, fuzzy
+#| msgid ""
+#| "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value "
+#| "debug messages will be sent to stderr."
+msgid ""
+"If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client "
+"applications will not use the fast in memory cache."
+msgstr ""
+"Falls die Umgebungsvariable SSSD_KRB5_LOCATOR_DEBUG auf irgendeinen Wert "
+"gesetzt ist, werden Debug-Nachrichten an »stderr« gesandt."
+
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15
msgid "sss_obfuscate"
@@ -8569,6 +8777,13 @@ msgstr ""
msgid "sssd-krb5"
msgstr "sssd-krb5"
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-krb5.5.xml:17
+#, fuzzy
+#| msgid "Kerberos realm"
+msgid "SSSD Kerberos provider"
+msgstr "Kerberos Realm"
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:23
msgid ""
@@ -8711,116 +8926,105 @@ msgstr "krb5_ccachedir (Zeichenkette)"
#: sssd-krb5.5.xml:138
msgid ""
"Directory to store credential caches. All the substitution sequences of "
-"krb5_ccname_template can be used here, too, except %d and %P. If the "
-"directory does not exist, it will be created. If %u, %U, %p or %h are used, "
-"a private directory belonging to the user is created. Otherwise, a public "
-"directory with restricted deletion flag (aka sticky bit, as described in "
-"<citerefentry> <refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> "
-"</citerefentry> for details) is created."
-msgstr ""
-"Verzeichnis, in dem Berechtigungszwischenspeicher abgelegt werden. Hier "
-"können auch alle Ersetzungssequenzen von »krb5_ccname_template« benutzt "
-"werden, außer %d und %P. Falls das Verzeichnis nicht existiert, wird es "
-"erstellt. Falls %u, %U, %p oder %h benutzt werden, wird ein privates "
-"Verzeichnis, das dem Benutzer gehört, erstellt. Andernfalls wird ein "
-"öffentliches Verzeichnis mit einem Schalter für eingeschränktes Löschen "
-"(auch bekannt als Sticky-Bit, detailliert beschrieben unter <citerefentry> "
-"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </"
-"citerefentry>) erstellt."
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:152
+"krb5_ccname_template can be used here, too, except %d and %P. The directory "
+"is created as private and owned by the user, with permissions set to 0700."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:145
msgid "Default: /tmp"
msgstr "Voreinstellung: /tmp"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:158
+#: sssd-krb5.5.xml:151
msgid "krb5_ccname_template (string)"
msgstr "krb5_ccname_template (Zeichenkette)"
#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:172 include/override_homedir.xml:11
+#: sssd-krb5.5.xml:165 include/override_homedir.xml:11
msgid "%u"
msgstr "%u"
#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:173 include/override_homedir.xml:12
+#: sssd-krb5.5.xml:166 include/override_homedir.xml:12
msgid "login name"
msgstr "Anmeldename"
#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:176 include/override_homedir.xml:15
+#: sssd-krb5.5.xml:169 include/override_homedir.xml:15
msgid "%U"
msgstr "%U"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:177
+#: sssd-krb5.5.xml:170
msgid "login UID"
msgstr "Anmelde-UID"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:180
+#: sssd-krb5.5.xml:173
msgid "%p"
msgstr "%p"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:181
+#: sssd-krb5.5.xml:174
msgid "principal name"
msgstr "Principal-Name"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:185
+#: sssd-krb5.5.xml:178
msgid "%r"
msgstr "%r"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:186
+#: sssd-krb5.5.xml:179
msgid "realm name"
msgstr "Realm-Name"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:189
+#: sssd-krb5.5.xml:182
msgid "%h"
msgstr "%h"
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:190
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:183 sssd-ifp.5.xml:108
#, fuzzy
msgid "home directory"
msgstr "Bneutzerverzeichnis"
#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:194 include/override_homedir.xml:19
+#: sssd-krb5.5.xml:187 include/override_homedir.xml:19
msgid "%d"
msgstr "%d"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:195
-msgid "value of krb5ccache_dir"
+#: sssd-krb5.5.xml:188
+#, fuzzy
+#| msgid "value of krb5ccache_dir"
+msgid "value of krb5_ccachedir"
msgstr "Wert von »krb5ccache_dir«"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:200
+#: sssd-krb5.5.xml:193
msgid "%P"
msgstr "%P"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:201
+#: sssd-krb5.5.xml:194
msgid "the process ID of the SSSD client"
msgstr "die Prozess-ID des SSSD-Clients"
#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:206 include/override_homedir.xml:34
+#: sssd-krb5.5.xml:199 include/override_homedir.xml:34
msgid "%%"
msgstr "%%"
#. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:207 include/override_homedir.xml:35
+#: sssd-krb5.5.xml:200 include/override_homedir.xml:35
msgid "a literal '%'"
msgstr "ein buchstäbliches »%«"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:161
+#: sssd-krb5.5.xml:154
msgid ""
"Location of the user's credential cache. Three credential cache types are "
"currently supported: <quote>FILE</quote>, <quote>DIR</quote> and "
@@ -8841,7 +9045,7 @@ msgstr ""
"auf eine sichere Art verwendet."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:215
+#: sssd-krb5.5.xml:208
msgid ""
"When using KEYRING types, the only supported mechanism is <quote>KEYRING:"
"persistent:%U</quote>, which uses the Linux kernel keyring to store "
@@ -8855,7 +9059,7 @@ msgstr ""
"berechenbarste Methode darstellt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:223
+#: sssd-krb5.5.xml:216
msgid ""
"The default value for the credential cache name is sourced from the profile "
"stored in the system wide krb5.conf configuration file in the [libdefaults] "
@@ -8871,17 +9075,17 @@ msgstr ""
"»krb5.conf(5)«."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:232
+#: sssd-krb5.5.xml:225
msgid "Default: (from libkrb5)"
msgstr "Voreinstellung: (von »libkrb5«)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:238
+#: sssd-krb5.5.xml:231
msgid "krb5_auth_timeout (integer)"
msgstr "krb5_auth_timeout (Ganzzahl)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:241
+#: sssd-krb5.5.xml:234
msgid ""
"Timeout in seconds after an online authentication request or change password "
"request is aborted. If possible, the authentication request is continued "
@@ -8892,7 +9096,7 @@ msgstr ""
"die Authentifizierung offline fortgesetzt."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:255
+#: sssd-krb5.5.xml:248
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed. The keytab is checked for entries sequentially, and the first entry "
@@ -8910,12 +9114,12 @@ msgstr ""
"Eintrag als letzter oder einziger Eintrag in der Keytab-Datei abgelegt wird."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:270
+#: sssd-krb5.5.xml:263
msgid "krb5_keytab (string)"
msgstr "krb5_keytab (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:273
+#: sssd-krb5.5.xml:266
msgid ""
"The location of the keytab to use when validating credentials obtained from "
"KDCs."
@@ -8924,17 +9128,17 @@ msgstr ""
"benutzt wird, die von Schlüsselverwaltungszentralen (KDCs) stammen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:277
+#: sssd-krb5.5.xml:270
msgid "Default: /etc/krb5.keytab"
msgstr "Voreinstellung: /etc/krb5.keytab"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:283
+#: sssd-krb5.5.xml:276
msgid "krb5_store_password_if_offline (boolean)"
msgstr "krb5_store_password_if_offline (Boolesch)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:286
+#: sssd-krb5.5.xml:279
msgid ""
"Store the password of the user if the provider is offline and use it to "
"request a TGT when the provider comes online again."
@@ -8943,7 +9147,7 @@ msgstr ""
"benutzt es zur Abfrage des TGTs, wenn der Anbieter wieder online geht."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:291
+#: sssd-krb5.5.xml:284
msgid ""
"NOTE: this feature is only available on Linux. Passwords stored in this way "
"are kept in plaintext in the kernel keyring and are potentially accessible "
@@ -8955,12 +9159,12 @@ msgstr ""
"Benutzer Root zugegriffen werden."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:304
+#: sssd-krb5.5.xml:297
msgid "krb5_renewable_lifetime (string)"
msgstr "krb5_renewable_lifetime (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:307
+#: sssd-krb5.5.xml:300
msgid ""
"Request a renewable ticket with a total lifetime, given as an integer "
"immediately followed by a time unit:"
@@ -8969,33 +9173,33 @@ msgstr ""
"Ganzzahl, der direkt eine Zeiteinheit folgt, angegeben:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:312 sssd-krb5.5.xml:346 sssd-krb5.5.xml:383
+#: sssd-krb5.5.xml:305 sssd-krb5.5.xml:339 sssd-krb5.5.xml:376
msgid "<emphasis>s</emphasis> for seconds"
msgstr "<emphasis>s</emphasis> für Sekunden"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:315 sssd-krb5.5.xml:349 sssd-krb5.5.xml:386
+#: sssd-krb5.5.xml:308 sssd-krb5.5.xml:342 sssd-krb5.5.xml:379
msgid "<emphasis>m</emphasis> for minutes"
msgstr "<emphasis>m</emphasis> für Minuten"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:318 sssd-krb5.5.xml:352 sssd-krb5.5.xml:389
+#: sssd-krb5.5.xml:311 sssd-krb5.5.xml:345 sssd-krb5.5.xml:382
msgid "<emphasis>h</emphasis> for hours"
msgstr "<emphasis>h</emphasis> für Stunden"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:321 sssd-krb5.5.xml:355 sssd-krb5.5.xml:392
+#: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385
msgid "<emphasis>d</emphasis> for days."
msgstr "<emphasis>d</emphasis> für Tage"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:324 sssd-krb5.5.xml:395
+#: sssd-krb5.5.xml:317 sssd-krb5.5.xml:388
msgid "If there is no unit given, <emphasis>s</emphasis> is assumed."
msgstr ""
"Falls keine Einheit angegeben ist, wird <emphasis>s</emphasis> angenommen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:328 sssd-krb5.5.xml:399
+#: sssd-krb5.5.xml:321 sssd-krb5.5.xml:392
msgid ""
"NOTE: It is not possible to mix units. To set the renewable lifetime to one "
"and a half hours, use '90m' instead of '1h30m'."
@@ -9005,17 +9209,17 @@ msgstr ""
"»1h30m«."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:333
+#: sssd-krb5.5.xml:326
msgid "Default: not set, i.e. the TGT is not renewable"
msgstr "Voreinstellung: nicht gesetzt, d.h. das TGT ist nicht erneuerbar."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:339
+#: sssd-krb5.5.xml:332
msgid "krb5_lifetime (string)"
msgstr "krb5_lifetime (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:342
+#: sssd-krb5.5.xml:335
msgid ""
"Request ticket with a lifetime, given as an integer immediately followed by "
"a time unit:"
@@ -9025,13 +9229,13 @@ msgstr ""
# FIXME s/given/given,/
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:358
+#: sssd-krb5.5.xml:351
msgid "If there is no unit given <emphasis>s</emphasis> is assumed."
msgstr ""
"Falls keine Einheit angegeben ist, wird <emphasis>s</emphasis> angenommen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:362
+#: sssd-krb5.5.xml:355
msgid ""
"NOTE: It is not possible to mix units. To set the lifetime to one and a "
"half hours please use '90m' instead of '1h30m'."
@@ -9040,7 +9244,7 @@ msgstr ""
"eineinhalb Stunden zu setzen, verwenden Sie »90m« statt »1h30m«."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:367
+#: sssd-krb5.5.xml:360
msgid ""
"Default: not set, i.e. the default ticket lifetime configured on the KDC."
msgstr ""
@@ -9048,12 +9252,12 @@ msgstr ""
"der Schlüsselverwaltungszentrale (KDC)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:374
+#: sssd-krb5.5.xml:367
msgid "krb5_renew_interval (string)"
msgstr "krb5_renew_interval (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:377
+#: sssd-krb5.5.xml:370
msgid ""
"The time in seconds between two checks if the TGT should be renewed. TGTs "
"are renewed if about half of their lifetime is exceeded, given as an integer "
@@ -9065,29 +9269,14 @@ msgstr ""
"folgt, angegeben:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:404
+#: sssd-krb5.5.xml:397
msgid "If this option is not set or is 0 the automatic renewal is disabled."
msgstr ""
"Falls diese Option nicht oder auf 0 gesetzt ist, wird die automatische "
"Erneuerung deaktiviert."
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:414
-msgid "krb5_use_fast (string)"
-msgstr "krb5_use_fast (Zeichenkette)"
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:417
-msgid ""
-"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
-"authentication. The following options are supported:"
-msgstr ""
-"Schaltet das flexible Authentifizierungs-Sicherheits-Tunneln (FAST) für die "
-"Vorauthentifizierung von Kerberos ein. Die folgenden Optionen werden "
-"unterstützt:"
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:422
+#: sssd-krb5.5.xml:415
msgid ""
"<emphasis>never</emphasis> use FAST. This is equivalent to not setting this "
"option at all."
@@ -9096,7 +9285,7 @@ msgstr ""
"Einstellung gar nicht gemacht würde."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:426
+#: sssd-krb5.5.xml:419
msgid ""
"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
"continue the authentication without it."
@@ -9104,49 +9293,28 @@ msgstr ""
"<emphasis>try</emphasis>: Es wird versucht, FAST zu benutzen. Falls der "
"Server kein FAST unterstützt, fährt die Authentifizierung ohne fort."
-# FIXME s/fast/FAST/
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:431
-msgid ""
-"<emphasis>demand</emphasis> to use FAST. The authentication fails if the "
-"server does not require fast."
-msgstr ""
-"<emphasis>demand</emphasis>: Fragt nach, ob FAST benutzt werden soll. Die "
-"Authentifizierung schlägt fehl, falls der Server kein FAST erfordert."
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:436
+#: sssd-krb5.5.xml:429
msgid "Default: not set, i.e. FAST is not used."
msgstr "Voreinstellung: nicht gesetzt, d.h. FAST wird nicht benutzt"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:439
+#: sssd-krb5.5.xml:432
msgid "NOTE: a keytab is required to use FAST."
msgstr "HINWEIS: Zur Benutzung von FAST ist eine Keytab erforderlich."
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:442
-msgid ""
-"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
-"SSSD is used with an older version of MIT Kerberos, using this option is a "
-"configuration error."
-msgstr ""
-"HINWEIS: SSSD unterstützt FAST nur mit MIT-Kerberos-Version 1.8 und neuer. "
-"Falls SSSD mit einer älteren Version von MIT-Kerberos benutzt wird, ist die "
-"Verwendung dieser Option ein Konfigurationsfehler."
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-krb5.5.xml:451
+#: sssd-krb5.5.xml:444
msgid "krb5_fast_principal (string)"
msgstr "krb5_fast_principal (Zeichenkette)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:454
+#: sssd-krb5.5.xml:447
msgid "Specifies the server principal to use for FAST."
msgstr "gibt den Server Principal zur Benutzung von FAST an."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:463
+#: sssd-krb5.5.xml:456
msgid ""
"Specifies if the host and user principal should be canonicalized. This "
"feature is available with MIT Kerberos 1.7 and later versions."
@@ -9156,8 +9324,10 @@ msgstr ""
"Versionen verfügbar."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:512
-msgid "Default: false (AD provide: true)"
+#: sssd-krb5.5.xml:505
+#, fuzzy
+#| msgid "Default: false (AD provide: true)"
+msgid "Default: false (AD provider: true)"
msgstr "Voreinstellung: false (AD-Bereitstellung: true)"
#. type: Content of: <reference><refentry><refsect1><para>
@@ -9177,7 +9347,7 @@ msgstr ""
"id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:528
+#: sssd-krb5.5.xml:521
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -9190,7 +9360,7 @@ msgstr ""
"keine Identitätsanbieter."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:536
+#: sssd-krb5.5.xml:529
#, no-wrap
msgid ""
" [domain/FOO]\n"
@@ -9879,6 +10049,235 @@ msgstr ""
"(64 Byte auf Systemen ohne global definiertem Wert für PASS_MAX)."
#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-ifp.5.xml:10 sssd-ifp.5.xml:16
+#, fuzzy
+#| msgid "sssd-ipa"
+msgid "sssd-ifp"
+msgstr "sssd-ipa"
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-ifp.5.xml:17
+msgid "SSSD InfoPipe responder"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ifp.5.xml:23
+#, fuzzy
+#| msgid ""
+#| "This manual page describes the configuration of the IPA provider for "
+#| "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</"
+#| "manvolnum> </citerefentry>. For a detailed syntax reference, refer to "
+#| "the <quote>FILE FORMAT</quote> section of the <citerefentry> "
+#| "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+#| "citerefentry> manual page."
+msgid ""
+"This manual page describes the configuration of the InfoPipe responder for "
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE "
+"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page."
+msgstr ""
+"Diese Handbuchseite beschreibt die Konfiguration des IPA-Anbieters für "
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. Eine ausführliche Syntax-Referenz finden Sie im Abschnitt "
+"»DATEIFORMAT« der Handbuchseite <citerefentry> <refentrytitle>sssd.conf</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ifp.5.xml:36
+msgid ""
+"The InfoPipe responder provides a public D-Bus interface accessible over the "
+"system bus. The interface allows the user to query information about remote "
+"users and groups over the system bus."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ifp.5.xml:46
+#, fuzzy
+#| msgid "These options can be used to configure the PAC responder."
+msgid "These options can be used to configure the InfoPipe responder."
+msgstr ""
+"Diese Optionen können zur Konfiguration des PAC-Responders verwendet werden."
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd-ifp.5.xml:53
+#, fuzzy
+#| msgid ""
+#| "Specifies the comma-separated list of UID values or user names that are "
+#| "allowed to access the PAC responder. User names are resolved to UIDs at "
+#| "startup."
+msgid ""
+"Specifies the comma-separated list of UID values or user names that are "
+"allowed to access the InfoPipe responder. User names are resolved to UIDs at "
+"startup."
+msgstr ""
+"gibt die durch Kommas getrennte Liste von UID-Werten oder Benutzernamen an, "
+"denen der Zugriff auf den PAC-Responder erlaubt ist. Benutzernamen werden "
+"beim Starten zu UIDs aufgelöst."
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd-ifp.5.xml:59
+#, fuzzy
+#| msgid ""
+#| "Default: 0 (only the root user is allowed to access the PAC responder)"
+msgid ""
+"Default: 0 (only the root user is allowed to access the InfoPipe responder)"
+msgstr ""
+"Voreinstellung: 0 (Nur dem Benutzer Root ist der Zugriff auf den PAC-"
+"Responder gestattet.)"
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd-ifp.5.xml:63
+#, fuzzy
+#| msgid ""
+#| "Please note that although the UID 0 is used as the default it will be "
+#| "overwritten with this option. If you still want to allow the root user to "
+#| "access the PAC responder, which would be the typical case, you have to "
+#| "add 0 to the list of allowed UIDs as well."
+msgid ""
+"Please note that although the UID 0 is used as the default it will be "
+"overwritten with this option. If you still want to allow the root user to "
+"access the InfoPipe responder, which would be the typical case, you have to "
+"add 0 to the list of allowed UIDs as well."
+msgstr ""
+"Bitte beachten Sie, dass, obwohl die UID 0 als Voreinstellung benutzt wird, "
+"diese Option sie überschriebt. Falls Sie weiterhin dem Benutzer Root Zugriff "
+"auf den PAC-Responder gewähren möchten, was der Normalfall ist, müssen Sie "
+"der Liste der erlaubten UIDs auch die 0 hinzufügen."
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd-ifp.5.xml:74
+#, fuzzy
+#| msgid "ldap_user_authorized_host (string)"
+msgid "user_attributes (string)"
+msgstr "ldap_user_authorized_host (Zeichenkette)"
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd-ifp.5.xml:77
+msgid "Specifies the comma-separated list of white or blacklisted attributes."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-ifp.5.xml:91
+#, fuzzy
+#| msgid "username"
+msgid "name"
+msgstr "Benutzername"
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-ifp.5.xml:92
+#, fuzzy
+#| msgid "login name"
+msgid "user's login name"
+msgstr "Anmeldename"
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-ifp.5.xml:95
+#, fuzzy
+#| msgid "Default: uidNumber"
+msgid "uidNumber"
+msgstr "Voreinstellung: uidNumber"
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-ifp.5.xml:96
+#, fuzzy
+#| msgid "user name"
+msgid "user ID"
+msgstr "Benutzername"
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-ifp.5.xml:99
+#, fuzzy
+#| msgid "Default: gidNumber"
+msgid "gidNumber"
+msgstr "Voreinstellung: gidNumber"
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-ifp.5.xml:100
+msgid "primary group ID"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-ifp.5.xml:103
+msgid "gecos"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-ifp.5.xml:104
+msgid "user information, typically full name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-ifp.5.xml:107
+#, fuzzy
+msgid "homeDirectory"
+msgstr "Bneutzerverzeichnis"
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-ifp.5.xml:111
+#, fuzzy
+#| msgid "Login shell"
+msgid "loginShell"
+msgstr "Anmelde-Shell"
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-ifp.5.xml:112
+#, fuzzy
+#| msgid "user name"
+msgid "user shell"
+msgstr "Benutzername"
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd-ifp.5.xml:81
+#, fuzzy
+#| msgid ""
+#| "All of the common configuration options that apply to SSSD domains also "
+#| "apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> "
+#| "section of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
+#| "<manvolnum>5</manvolnum> </citerefentry> manual page for full details. "
+#| "<placeholder type=\"variablelist\" id=\"0\"/>"
+msgid ""
+"By default, the InfoPipe responder only allows the default set of POSIX "
+"attributes to be requested. This set is the same as returned by "
+"<citerefentry> <refentrytitle>getpwnam</refentrytitle> <manvolnum>3</"
+"manvolnum> </citerefentry> and includes: <placeholder type=\"variablelist\" "
+"id=\"0\"/>"
+msgstr ""
+"Alle häufigen Konfigurationsoptionen, die für SSSD-Domains gelten, gelten "
+"auch für LDAP-Domains. Umfassende Einzelheiten finden Sie im Abschnitt "
+"»DOMAIN-ABSCHNITTE« der Handbuchseite <citerefentry> <refentrytitle>sssd."
+"conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>. <placeholder "
+"type=\"variablelist\" id=\"0\"/>"
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-ifp.5.xml:125
+#, no-wrap
+msgid ""
+"user_attributes = +telephoneNumber, -loginShell\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd-ifp.5.xml:117
+msgid ""
+"It is possible to add another attribute to this set by using <quote>"
+"+attr_name</quote> or explicitly remove an attribute using <quote>-"
+"attr_name</quote>. For example, to allow <quote>telephoneNumber</quote> but "
+"deny <quote>loginShell</quote>, you would use the following configuration: "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd-ifp.5.xml:129
+#, fuzzy
+#| msgid ""
+#| "Default: not set, i.e. the default ticket lifetime configured on the KDC."
+msgid "Default: not set. Only the default set of POSIX attributes is allowed."
+msgstr ""
+"Voreinstellung: nicht gesetzt, d.h. die Standardlebenszeit des Tickets auf "
+"der Schlüsselverwaltungszentrale (KDC)"
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15
msgid "sss_ssh_authorizedkeys"
msgstr "sss_ssh_authorizedkeys"
@@ -10122,7 +10521,7 @@ msgstr ""
"unterstützt."
#. type: Content of: <refsect1><refsect2><title>
-#: include/service_discovery.xml:9 include/ldap_id_mapping.xml:57
+#: include/service_discovery.xml:9 include/ldap_id_mapping.xml:99
msgid "Configuration"
msgstr "Konfiguration"
@@ -10325,13 +10724,55 @@ msgstr ""
"automatisch und manuell zugewiesenen Werten zu vermeiden. Falls Sie manuell "
"zugewiesene Werte benutzen müssen, müssen Sie ALLE Werte manuell zuweisen."
+#. type: Content of: <refsect1><para>
+#: include/ldap_id_mapping.xml:16
+msgid ""
+"Please note that changing the ID mapping related configuration options will "
+"cause user and group IDs to change. At the moment, SSSD does not support "
+"changing IDs, so the SSSD database must be removed. Because cached passwords "
+"are also stored in the database, removing the database should only be "
+"performed while the authentication servers are reachable, otherwise users "
+"might get locked out. In order to cache the password, an authentication must "
+"be performed. It is not sufficient to use <citerefentry> "
+"<refentrytitle>sss_cache</refentrytitle> <manvolnum>8</manvolnum> </"
+"citerefentry> to remove the database, rather the process consists of:"
+msgstr ""
+
+#. type: Content of: <refsect1><para><itemizedlist><listitem><para>
+#: include/ldap_id_mapping.xml:33
+msgid "Making sure the remote servers are reachable"
+msgstr ""
+
+#. type: Content of: <refsect1><para><itemizedlist><listitem><para>
+#: include/ldap_id_mapping.xml:38
+msgid "Stopping the SSSD service"
+msgstr ""
+
+#. type: Content of: <refsect1><para><itemizedlist><listitem><para>
+#: include/ldap_id_mapping.xml:43
+msgid "Removing the database"
+msgstr ""
+
+#. type: Content of: <refsect1><para><itemizedlist><listitem><para>
+#: include/ldap_id_mapping.xml:48
+msgid "Starting the SSSD service"
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/ldap_id_mapping.xml:52
+msgid ""
+"Moreover, as the change of IDs might necessitate the adjustment of other "
+"system properties such as file and directory ownership, it's advisable to "
+"plan ahead and test the ID mapping configuration thoroughly."
+msgstr ""
+
#. type: Content of: <refsect1><refsect2><title>
-#: include/ldap_id_mapping.xml:17
+#: include/ldap_id_mapping.xml:59
msgid "Mapping Algorithm"
msgstr "Abbildungsalgorithmus"
#. type: Content of: <refsect1><refsect2><para>
-#: include/ldap_id_mapping.xml:19
+#: include/ldap_id_mapping.xml:61
msgid ""
"Active Directory provides an objectSID for every user and group object in "
"the directory. This objectSID can be broken up into components that "
@@ -10344,7 +10785,7 @@ msgstr ""
"Bezeichner (RID) des Benutzer- oder Gruppenobjekts darstellen."
#. type: Content of: <refsect1><refsect2><para>
-#: include/ldap_id_mapping.xml:25
+#: include/ldap_id_mapping.xml:67
msgid ""
"The SSSD ID-mapping algorithm takes a range of available UIDs and divides it "
"into equally-sized component sections - called \"slices\"-. Each slice "
@@ -10355,7 +10796,7 @@ msgstr ""
"steht für den verfügbaren Speicher einer Active-Directory-Domain."
#. type: Content of: <refsect1><refsect2><para>
-#: include/ldap_id_mapping.xml:31
+#: include/ldap_id_mapping.xml:73
msgid ""
"When a user or group entry for a particular domain is encountered for the "
"first time, the SSSD allocates one of the available slices for that domain. "
@@ -10369,7 +10810,7 @@ msgstr ""
"Algorithmus basiert:"
#. type: Content of: <refsect1><refsect2><para>
-#: include/ldap_id_mapping.xml:38
+#: include/ldap_id_mapping.xml:80
msgid ""
"The SID string is passed through the murmurhash3 algorithm to convert it to "
"a 32-bit hashed value. We then take the modulus of this value with the total "
@@ -10380,7 +10821,7 @@ msgstr ""
"Gesamtzahl verfügbarer Slices genommen, um den Slice auszusuchen."
#. type: Content of: <refsect1><refsect2><para>
-#: include/ldap_id_mapping.xml:44
+#: include/ldap_id_mapping.xml:86
msgid ""
"NOTE: It is possible to encounter collisions in the hash and subsequent "
"modulus. In these situations, we will select the next available slice, but "
@@ -10403,13 +10844,13 @@ msgstr ""
"finden Sie unter »Konfiguration«."
#. type: Content of: <refsect1><refsect2><para>
-#: include/ldap_id_mapping.xml:59
+#: include/ldap_id_mapping.xml:101
msgid ""
"Minimum configuration (in the <quote>[domain/DOMAINNAME]</quote> section):"
msgstr "Minimalkonfiguration (im Abschnitt »[domain/DOMAINNAME]«):"
#. type: Content of: <refsect1><refsect2><para><programlisting>
-#: include/ldap_id_mapping.xml:64
+#: include/ldap_id_mapping.xml:106
#, no-wrap
msgid ""
"ldap_id_mapping = True\n"
@@ -10419,7 +10860,7 @@ msgstr ""
"ldap_schema = ad\n"
#. type: Content of: <refsect1><refsect2><para>
-#: include/ldap_id_mapping.xml:69
+#: include/ldap_id_mapping.xml:111
msgid ""
"The default configuration results in configuring 10,000 slices, each capable "
"of holding up to 200,000 IDs, starting from 10,001 and going up to "
@@ -10431,17 +10872,17 @@ msgstr ""
"meisten Bereitstellungen ausreichen."
#. type: Content of: <refsect1><refsect2><refsect3><title>
-#: include/ldap_id_mapping.xml:75
+#: include/ldap_id_mapping.xml:117
msgid "Advanced Configuration"
msgstr "Fortgeschrittene Konfiguration"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
-#: include/ldap_id_mapping.xml:78
+#: include/ldap_id_mapping.xml:120
msgid "ldap_idmap_range_min (integer)"
msgstr "ldap_idmap_range_min (Ganzzahl)"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: include/ldap_id_mapping.xml:81
+#: include/ldap_id_mapping.xml:123
msgid ""
"Specifies the lower bound of the range of POSIX IDs to use for mapping "
"Active Directory user and group SIDs."
@@ -10450,7 +10891,7 @@ msgstr ""
"Active-Directory-Benutzern und Gruppen-SIDs benutzt wird."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: include/ldap_id_mapping.xml:85
+#: include/ldap_id_mapping.xml:127
msgid ""
"NOTE: This option is different from <quote>min_id</quote> in that "
"<quote>min_id</quote> acts to filter the output of requests to this domain, "
@@ -10465,17 +10906,17 @@ msgstr ""
"kleiner oder gleich »ldap_idmap_range_min« sein sollte."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: include/ldap_id_mapping.xml:95 include/ldap_id_mapping.xml:131
+#: include/ldap_id_mapping.xml:137 include/ldap_id_mapping.xml:189
msgid "Default: 200000"
msgstr "Voreinstellung: 200000"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
-#: include/ldap_id_mapping.xml:100
+#: include/ldap_id_mapping.xml:142
msgid "ldap_idmap_range_max (integer)"
msgstr "ldap_idmap_range_max (Ganzzahl)"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: include/ldap_id_mapping.xml:103
+#: include/ldap_id_mapping.xml:145
msgid ""
"Specifies the upper bound of the range of POSIX IDs to use for mapping "
"Active Directory user and group SIDs."
@@ -10484,7 +10925,7 @@ msgstr ""
"Active-Directory-Benutzern und Gruppen-SIDs benutzt wird."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: include/ldap_id_mapping.xml:107
+#: include/ldap_id_mapping.xml:149
msgid ""
"NOTE: This option is different from <quote>max_id</quote> in that "
"<quote>max_id</quote> acts to filter the output of requests to this domain, "
@@ -10499,17 +10940,17 @@ msgstr ""
"größer oder gleich »ldap_idmap_range_max« sein sollte."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: include/ldap_id_mapping.xml:117
+#: include/ldap_id_mapping.xml:159
msgid "Default: 2000200000"
msgstr "Voreinstellung: 2000200000"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
-#: include/ldap_id_mapping.xml:122
+#: include/ldap_id_mapping.xml:164
msgid "ldap_idmap_range_size (integer)"
msgstr "ldap_idmap_range_size (Ganzzahl)"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: include/ldap_id_mapping.xml:125
+#: include/ldap_id_mapping.xml:167
msgid ""
"Specifies the number of IDs available for each slice. If the range size "
"does not divide evenly into the min and max values, it will create as many "
@@ -10519,13 +10960,37 @@ msgstr ""
"Bereichsgröße nicht gleichmäßig in die minimalen und maximalen Werte teilen "
"lässt, werden so viele komplette Slices wie möglich erstellt."
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:173
+msgid ""
+"NOTE: The value of this option must be at least as large as the highest user "
+"RID planned for use on the Active Directory server. User lookups and login "
+"will fail for any user whose RID is greater than this value."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:179
+msgid ""
+"For example, if your most recently-added Active Directory user has "
+"objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, "
+"<quote>ldap_idmap_range_size</quote> must be at least 1107."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:184
+msgid ""
+"It is important to plan ahead for future expansion, as changing this value "
+"will result in changing all of the ID mappings on the system, leading to "
+"users with different local IDs than they previously had."
+msgstr ""
+
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
-#: include/ldap_id_mapping.xml:136
+#: include/ldap_id_mapping.xml:194
msgid "ldap_idmap_default_domain_sid (string)"
msgstr "ldap_idmap_default_domain_sid (Zeichenkette)"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: include/ldap_id_mapping.xml:139
+#: include/ldap_id_mapping.xml:197
msgid ""
"Specify the domain SID of the default domain. This will guarantee that this "
"domain will always be assigned to slice zero in the ID map, bypassing the "
@@ -10536,22 +11001,22 @@ msgstr ""
"der oben beschriebene Murmurhash-Algorithmus umgangen."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
-#: include/ldap_id_mapping.xml:150
+#: include/ldap_id_mapping.xml:208
msgid "ldap_idmap_default_domain (string)"
msgstr "ldap_idmap_default_domain (Zeichenkette)"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: include/ldap_id_mapping.xml:153
+#: include/ldap_id_mapping.xml:211
msgid "Specify the name of the default domain."
msgstr "gibt den Namen der Standard-Domain an."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
-#: include/ldap_id_mapping.xml:161
+#: include/ldap_id_mapping.xml:219
msgid "ldap_idmap_autorid_compat (boolean)"
msgstr "ldap_idmap_autorid_compat (Boolesch)"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: include/ldap_id_mapping.xml:164
+#: include/ldap_id_mapping.xml:222
msgid ""
"Changes the behavior of the ID-mapping algorithm to behave more similarly to "
"winbind's <quote>idmap_autorid</quote> algorithm."
@@ -10562,7 +11027,7 @@ msgstr ""
# FIXME s/monatomically/monotonically/
# http://www.canoo.net/services/GermanSpelling/Regeln/Gross-klein/Zahlen.html
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: include/ldap_id_mapping.xml:169
+#: include/ldap_id_mapping.xml:227
msgid ""
"When this option is configured, domains will be allocated starting with "
"slice zero and increasing monatomically with each additional domain."
@@ -10571,7 +11036,7 @@ msgstr ""
"null reserviert und gleichmäßig mit jeder zusätzlichen Domain vergrößert."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: include/ldap_id_mapping.xml:174
+#: include/ldap_id_mapping.xml:232
msgid ""
"NOTE: This algorithm is non-deterministic (it depends on the order that "
"users and groups are requested). If this mode is required for compatibility "
@@ -10586,6 +11051,77 @@ msgstr ""
"»ldap_idmap_default_domain_sid« zu verwenden. Dies soll sicherstellen, dass "
"mindestens eine Domain beständig für den Slice null reserviert ist."
+#. type: Content of: <refsect1><refsect2><title>
+#: include/ldap_id_mapping.xml:251
+msgid "Well-Known SIDs"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:253
+msgid ""
+"SSSD supports to look up the names of Well-Known SIDs, i.e. SIDs with a "
+"special hardcoded meaning. Since the generic users and groups related to "
+"those Well-Known SIDs have no equivalent in a Linux/UNIX environment no "
+"POSIX IDs are available for those objects."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:259
+msgid ""
+"The SID name space is organized in authorities which can be seen as "
+"different domains. The authorities for the Well-Known SIDs are"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para>
+#: include/ldap_id_mapping.xml:262
+msgid "Null Authority"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para>
+#: include/ldap_id_mapping.xml:263
+msgid "World Authority"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para>
+#: include/ldap_id_mapping.xml:264
+msgid "Local Authority"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para>
+#: include/ldap_id_mapping.xml:265
+msgid "Creator Authority"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para>
+#: include/ldap_id_mapping.xml:266
+msgid "NT Authority"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para>
+#: include/ldap_id_mapping.xml:267
+msgid "Built-in"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:269
+msgid ""
+"The capitalized version of these names are used as domain names when "
+"returning the fully qualified name of a Well-Known SID."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:273
+msgid ""
+"Since some utilities allow to modify SID based access control information "
+"with the help of a name instead of using the SID directly SSSD supports to "
+"look up the SID by the name as well. To avoid collisions only the fully "
+"qualified names are excepted to look up Well-Known SIDs. As a result the "
+"domain names <quote>NULL AUTHORITY</quote>, <quote>WORLD AUTHORITY</quote>, "
+"<quote> LOCAL AUTHORITY</quote>, <quote>CREATOR AUTHORITY</quote>, <quote>NT "
+"AUTHORITY</quote> and <quote>BUILTIN</quote> should not be used as domain "
+"names in <filename>sssd.conf</filename>."
+msgstr ""
+
#. type: Content of: <varlistentry><term>
#: include/param_help.xml:3
msgid "<option>-?</option>,<option>--help</option>"
@@ -10604,110 +11140,153 @@ msgstr "<option>-h</option>,<option>--help</option>"
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:3
msgid ""
-"Bit mask that indicates which debug levels will be visible. 0x0010 is the "
-"default value as well as the lowest allowed value, 0xFFF0 is the most "
-"verbose mode. This setting overrides the settings from config file."
+"SSSD supports two representations for specifying the debug level. The "
+"simplest is to specify a decimal value from 0-9, which represents enabling "
+"that level and all lower-level debug messages. The more comprehensive option "
+"is to specify a hexadecimal bitmask to enable or disable specific levels "
+"(such as if you wish to suppress a level)."
msgstr ""
-"Bit-Maske, die anzeigt, welche Debug-Stufen sichtbar sein werden. 0x0010 ist "
-"sowohl der Vorgabewert als auch der niedrigste erlaubte Wert, 0xFFF0 ist der "
-"Modus mit der detailreichsten Ausgabe. Diese Einstellung setzt die "
-"Einstellungen aus der Konfigurationsdatei außer Kraft."
#. type: Content of: <listitem><para>
-#: include/debug_levels.xml:8
+#: include/debug_levels.xml:10
msgid "Currently supported debug levels:"
msgstr "derzeit unterstützte Debug-Stufen:"
#. type: Content of: <listitem><para>
-#: include/debug_levels.xml:11
+#: include/debug_levels.xml:13
+#, fuzzy
+#| msgid ""
+#| "<emphasis>0x0010</emphasis>: Fatal failures. Anything that would prevent "
+#| "SSSD from starting up or causes it to cease running."
msgid ""
-"<emphasis>0x0010</emphasis>: Fatal failures. Anything that would prevent "
-"SSSD from starting up or causes it to cease running."
+"<emphasis>0</emphasis>, <emphasis>0x0010</emphasis>: Fatal failures. "
+"Anything that would prevent SSSD from starting up or causes it to cease "
+"running."
msgstr ""
"<emphasis>0x0010</emphasis>: fatale Fehler. Alles, was SSSD am Starten "
"hindern oder zum Enden führen würde"
#. type: Content of: <listitem><para>
-#: include/debug_levels.xml:15
+#: include/debug_levels.xml:19
+#, fuzzy
+#| msgid ""
+#| "<emphasis>0x0020</emphasis>: Critical failures. An error that doesn't "
+#| "kill the SSSD, but one that indicates that at least one major feature is "
+#| "not going to work properly."
msgid ""
-"<emphasis>0x0020</emphasis>: Critical failures. An error that doesn't kill "
-"the SSSD, but one that indicates that at least one major feature is not "
-"going to work properly."
+"<emphasis>1</emphasis>, <emphasis>0x0020</emphasis>: Critical failures. An "
+"error that doesn't kill the SSSD, but one that indicates that at least one "
+"major feature is not going to work properly."
msgstr ""
"<emphasis>0x0020</emphasis>: kritische Fehler. Ein Fehler, der den SSSD "
"nicht beenden würde, der aber anzeigt, dass mindestens eine "
"Hauptfunktionalität nicht ordnungsgemäß laufen würde."
#. type: Content of: <listitem><para>
-#: include/debug_levels.xml:20
+#: include/debug_levels.xml:26
+#, fuzzy
+#| msgid ""
+#| "<emphasis>0x0040</emphasis>: Serious failures. An error announcing that a "
+#| "particular request or operation has failed."
msgid ""
-"<emphasis>0x0040</emphasis>: Serious failures. An error announcing that a "
-"particular request or operation has failed."
+"<emphasis>2</emphasis>, <emphasis>0x0040</emphasis>: Serious failures. An "
+"error announcing that a particular request or operation has failed."
msgstr ""
"<emphasis>0x0040</emphasis>: schwerwiegende Fehler. Ein Fehler, der bekannt "
"gibt, dass eine bestimmte Anfrage oder Transaktion fehlgeschlagen ist."
#. type: Content of: <listitem><para>
-#: include/debug_levels.xml:24
+#: include/debug_levels.xml:31
+#, fuzzy
+#| msgid ""
+#| "<emphasis>0x0080</emphasis>: Minor failures. These are the errors that "
+#| "would percolate down to cause the operation failure of 2."
msgid ""
-"<emphasis>0x0080</emphasis>: Minor failures. These are the errors that would "
-"percolate down to cause the operation failure of 2."
+"<emphasis>3</emphasis>, <emphasis>0x0080</emphasis>: Minor failures. These "
+"are the errors that would percolate down to cause the operation failure of 2."
msgstr ""
"<emphasis>0x0080</emphasis>: nebensächliche Fehler. Dies sind die Fehler, "
"die sich ausbreiten, um den Transaktionsfehler von 2 zu verursachen."
#. type: Content of: <listitem><para>
-#: include/debug_levels.xml:28
-msgid "<emphasis>0x0100</emphasis>: Configuration settings."
+#: include/debug_levels.xml:36
+#, fuzzy
+#| msgid "<emphasis>0x0100</emphasis>: Configuration settings."
+msgid ""
+"<emphasis>4</emphasis>, <emphasis>0x0100</emphasis>: Configuration settings."
msgstr "<emphasis>0x0100</emphasis>: Konfigurationseinstellungen"
#. type: Content of: <listitem><para>
-#: include/debug_levels.xml:31
-msgid "<emphasis>0x0200</emphasis>: Function data."
+#: include/debug_levels.xml:40
+#, fuzzy
+#| msgid "<emphasis>0x0200</emphasis>: Function data."
+msgid "<emphasis>5</emphasis>, <emphasis>0x0200</emphasis>: Function data."
msgstr "<emphasis>0x0200</emphasis>: Funktionsdaten"
#. type: Content of: <listitem><para>
-#: include/debug_levels.xml:34
-msgid "<emphasis>0x0400</emphasis>: Trace messages for operation functions."
+#: include/debug_levels.xml:44
+#, fuzzy
+#| msgid "<emphasis>0x0400</emphasis>: Trace messages for operation functions."
+msgid ""
+"<emphasis>6</emphasis>, <emphasis>0x0400</emphasis>: Trace messages for "
+"operation functions."
msgstr ""
"<emphasis>0x0400</emphasis>: Verfolgungsnachrichten von "
"Transaktionsfunktionen"
#. type: Content of: <listitem><para>
-#: include/debug_levels.xml:37
+#: include/debug_levels.xml:48
+#, fuzzy
+#| msgid ""
+#| "<emphasis>0x1000</emphasis>: Trace messages for internal control "
+#| "functions."
msgid ""
-"<emphasis>0x1000</emphasis>: Trace messages for internal control functions."
+"<emphasis>7</emphasis>, <emphasis>0x1000</emphasis>: Trace messages for "
+"internal control functions."
msgstr ""
"<emphasis>0x1000</emphasis>: Verfolgungsnachrichten für interne "
"Steuerfunktionen"
#. type: Content of: <listitem><para>
-#: include/debug_levels.xml:40
+#: include/debug_levels.xml:53
+#, fuzzy
+#| msgid ""
+#| "<emphasis>0x2000</emphasis>: Contents of function-internal variables that "
+#| "may be interesting."
msgid ""
-"<emphasis>0x2000</emphasis>: Contents of function-internal variables that "
-"may be interesting."
+"<emphasis>8</emphasis>, <emphasis>0x2000</emphasis>: Contents of function-"
+"internal variables that may be interesting."
msgstr ""
"<emphasis>0x2000</emphasis>: Inhalt möglicherweise interessanter "
"funktionsinterner Variablen"
#. type: Content of: <listitem><para>
-#: include/debug_levels.xml:43
-msgid "<emphasis>0x4000</emphasis>: Extremely low-level tracing information."
+#: include/debug_levels.xml:58
+#, fuzzy
+#| msgid ""
+#| "<emphasis>0x4000</emphasis>: Extremely low-level tracing information."
+msgid ""
+"<emphasis>9</emphasis>, <emphasis>0x4000</emphasis>: Extremely low-level "
+"tracing information."
msgstr ""
"<emphasis>0x4000</emphasis>: Verfolgungsinformationen auf extrem niediger "
"Ebene"
#. type: Content of: <listitem><para>
-#: include/debug_levels.xml:46
+#: include/debug_levels.xml:62
+#, fuzzy
+#| msgid ""
+#| "To log required debug levels, simply add their numbers together as shown "
+#| "in following examples:"
msgid ""
-"To log required debug levels, simply add their numbers together as shown in "
-"following examples:"
+"To log required bitmask debug levels, simply add their numbers together as "
+"shown in following examples:"
msgstr ""
"Um die benötigten Debug-Stufen zu protokollieren, fügen Sie einfach, wie in "
"den folgenden Beispielen gezeigt, ihre Nummern hinzu:"
#. type: Content of: <listitem><para>
-#: include/debug_levels.xml:49
+#: include/debug_levels.xml:66
msgid ""
"<emphasis>Example</emphasis>: To log fatal failures, critical failures, "
"serious failures and function data use 0x0270."
@@ -10716,7 +11295,7 @@ msgstr ""
"und Funktionsdaten zu protokollieren, benutzen Sie 0x0270."
#. type: Content of: <listitem><para>
-#: include/debug_levels.xml:53
+#: include/debug_levels.xml:70
msgid ""
"<emphasis>Example</emphasis>: To log fatal failures, configuration settings, "
"function data, trace messages for internal control functions use 0x1310."
@@ -10726,15 +11305,26 @@ msgstr ""
"interne Steuerfunktionen zu protokollieren, benutzen Sie 0x1310."
#. type: Content of: <listitem><para>
-#: include/debug_levels.xml:57
+#: include/debug_levels.xml:75
+#, fuzzy
+#| msgid ""
+#| "<emphasis>Note</emphasis>: This is new format of debug levels introduced "
+#| "in 1.7.0. Older format (numbers from 0-10) is compatible but deprecated."
msgid ""
-"<emphasis>Note</emphasis>: This is new format of debug levels introduced in "
-"1.7.0. Older format (numbers from 0-10) is compatible but deprecated."
+"<emphasis>Note</emphasis>: The bitmask format of debug levels was introduced "
+"in 1.7.0."
msgstr ""
"<emphasis>Hinweis</emphasis>: Dies ist das neue in 1.7.0. eingeführte Format "
"von Debug-Stufen. Das ältere Format (Versionen von 0-10) ist kompatibel aber "
"missbilligt."
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:79
+#, fuzzy
+#| msgid "<emphasis>h</emphasis> for hours"
+msgid "<emphasis>Default</emphasis>: 0"
+msgstr "<emphasis>h</emphasis> für Stunden"
+
#. type: Content of: outside any tag (error?)
#: include/experimental.xml:1
msgid ""
@@ -10786,6 +11376,45 @@ msgstr "SIEHE AUCH"
# FIXME wrong order
#. type: Content of: <refsect1><para>
#: include/seealso.xml:4
+#, fuzzy
+#| msgid ""
+#| "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</"
+#| "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</"
+#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</"
+#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sssd-simple</refentrytitle><manvolnum>5</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sssd-ipa</"
+#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sssd-ad</refentrytitle><manvolnum>5</manvolnum> </"
+#| "citerefentry>, <phrase condition=\"with_sudo\"> <citerefentry> "
+#| "<refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</manvolnum> </"
+#| "citerefentry>, </phrase> <citerefentry> <refentrytitle>sss_cache</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_debuglevel</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_usermod</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_obfuscate</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_seed</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sssd_krb5_locator_plugin</refentrytitle><manvolnum>8</"
+#| "manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> "
+#| "<citerefentry> <refentrytitle>sss_ssh_authorizedkeys</refentrytitle> "
+#| "<manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</"
+#| "manvolnum> </citerefentry>, </phrase> <citerefentry> "
+#| "<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>."
msgid ""
"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </"
"citerefentry>, <citerefentry> <refentrytitle>sssd.conf</"
@@ -10821,6 +11450,8 @@ msgid ""
"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, <citerefentry> "
"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</"
+"manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> "
+"<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</"
"refentrytitle><manvolnum>8</manvolnum> </citerefentry>."
msgstr ""
@@ -10863,7 +11494,6 @@ msgstr ""
#. type: Content of: <listitem><para>
#: include/ldap_search_bases.xml:3
-#: include/ldap_search_bases_experimental.xml:3
msgid ""
"An optional base DN, search scope and LDAP filter to restrict LDAP searches "
"for this attribute type."
@@ -10873,32 +11503,33 @@ msgstr ""
#. type: Content of: <listitem><para><programlisting>
#: include/ldap_search_bases.xml:9
-#: include/ldap_search_bases_experimental.xml:9
#, no-wrap
msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]\n"
msgstr "search_base[?Gültigkeitsbereich?[Filter][?Suchbasis?Gültigkeitsbereich?[Filter]]*]\n"
#. type: Content of: <listitem><para>
#: include/ldap_search_bases.xml:7
-#: include/ldap_search_bases_experimental.xml:7
msgid "syntax: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "Syntax: <placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <listitem><para>
#: include/ldap_search_bases.xml:13
-#: include/ldap_search_bases_experimental.xml:13
+#, fuzzy
+#| msgid ""
+#| "The scope can be one of \"base\", \"onelevel\" or \"subtree\". The filter "
+#| "must be a valid LDAP search filter as specified by http://www.ietf.org/"
+#| "rfc/rfc2254.txt"
msgid ""
-"The scope can be one of \"base\", \"onelevel\" or \"subtree\". The filter "
-"must be a valid LDAP search filter as specified by http://www.ietf.org/rfc/"
-"rfc2254.txt"
+"The scope can be one of \"base\", \"onelevel\" or \"subtree\". The scope "
+"functions as specified in section 4.5.1.2 of http://tools.ietf.org/html/"
+"rfc4511"
msgstr ""
"Der Gültigkeitsbereich kann entweder »base«, »onelevel« oder »subtree« sein. "
"Der Filter muss ein gültiger LDAP-Suchfilter sein, wie durch http://www.ietf."
"org/rfc/rfc2254.txt spezifiziert."
#. type: Content of: <listitem><para>
-#: include/ldap_search_bases.xml:19
-#: include/ldap_search_bases_experimental.xml:19
+#: include/ldap_search_bases.xml:23
msgid ""
"For examples of this syntax, please refer to the <quote>ldap_search_base</"
"quote> examples section."
@@ -10907,8 +11538,7 @@ msgstr ""
"»ldap_search_base«."
#. type: Content of: <listitem><para>
-#: include/ldap_search_bases.xml:27
-#: include/ldap_search_bases_experimental.xml:27
+#: include/ldap_search_bases.xml:31
msgid ""
"Please note that specifying scope or filter is not supported for searches "
"against an Active Directory Server that might yield a large number of "
@@ -11000,8 +11630,296 @@ msgstr ""
"Voreinstellung: nicht gesetzt (SSSD wird den von LDAP geholten Wert "
"benutzen.)"
-msgid "Default: FILE:%d/krb5cc_%U_XXXXXX"
-msgstr "Voreinstellung: FILE:%d/krb5cc_%U_XXXXXX"
+#~ msgid ""
+#~ "Override the login shell for all users. This option can be specified "
+#~ "globally in the [nss] section or per-domain."
+#~ msgstr ""
+#~ "setzt die Anmelde-Shell für alle Benutzer außer Kraft. Diese Option kann "
+#~ "global im Abschnitt [nss] oder pro Domain angegeben werden."
+
+#~ msgid "ldap_user_search_filter (string)"
+#~ msgstr "ldap_user_search_filter (Zeichenkette)"
+
+#~ msgid ""
+#~ "This option specifies an additional LDAP search filter criteria that "
+#~ "restrict user searches."
+#~ msgstr ""
+#~ "Diese Option gibt ein zusätzliches LDAP-Suchfilterkriterium an, das die "
+#~ "Benutzersuche einschränkt."
+
+#~ msgid ""
+#~ "This option is <emphasis>deprecated</emphasis> in favor of the syntax "
+#~ "used by ldap_user_search_base."
+#~ msgstr ""
+#~ "Diese Option ist zugunsten von der durch »ldap_user_search_base« "
+#~ "benutzten Syntax <emphasis>missbilligt</emphasis>."
+
+#~ msgid ""
+#~ " ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
+#~ " "
+#~ msgstr ""
+#~ " ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
+#~ " "
+
+#~ msgid ""
+#~ "This filter would restrict user searches to users that have their shell "
+#~ "set to /bin/tcsh."
+#~ msgstr ""
+#~ "Dieser Filter würde die Benutzersuche auf Benutzer beschränken, deren "
+#~ "Shell auf /bin/tcsh gesetzt ist."
+
+#~ msgid "ldap_group_search_filter (string)"
+#~ msgstr "ldap_group_search_filter (Zeichenkette)"
+
+#~ msgid ""
+#~ "This option specifies an additional LDAP search filter criteria that "
+#~ "restrict group searches."
+#~ msgstr ""
+#~ "Diese Option gibt ein zusätzliches LDAP-Suchfilterkriterium an, das "
+#~ "Gruppensuchen einschränkt."
+
+#~ msgid ""
+#~ "This option is <emphasis>deprecated</emphasis> in favor of the syntax "
+#~ "used by ldap_group_search_base."
+#~ msgstr ""
+#~ "Diese Option ist <emphasis>missbilligt</emphasis> zugunsten von der durch "
+#~ "»ldap_group_search_base« benutzten Syntax."
+
+#~ msgid ""
+#~ "If filter is given in any of search bases and "
+#~ "<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
+#~ "will be ignored."
+#~ msgstr ""
+#~ "Falls in irgendeiner der Suchgrundlagen ein Filter angegeben wurde und "
+#~ "<emphasis>ipa_hbac_support_srchost</emphasis> auf »False« gesetzt ist, "
+#~ "wird der Filter ignoriert."
+
+#~ msgid "ipa_hbac_support_srchost (boolean)"
+#~ msgstr "ipa_hbac_support_srchost (Boolesch)"
+
+#~ msgid ""
+#~ "If this is set to false, then srchost as given to SSSD by PAM will be "
+#~ "ignored."
+#~ msgstr ""
+#~ "Falls dies auf »false« gesetzt ist, wird »srchost«, das durch PAM an SSSD "
+#~ "übergeben wurde, ignoriert."
+
+#~ msgid ""
+#~ "Note that if set to <emphasis>False</emphasis>, this option casuses "
+#~ "filters given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
+#~ msgstr ""
+#~ "Beachten Sie, dass diese Option, falls sie auf <emphasis>False</emphasis> "
+#~ "gesetzt ist, veranlasst, dass in <emphasis>ipa_host_search_base</"
+#~ "emphasis> angegebene Filter ignoriert werden."
+
+#~ msgid "ipa_netgroup_member_of (string)"
+#~ msgstr "ipa_netgroup_member_of (Zeichenkette)"
+
+#~ msgid "The LDAP attribute that lists netgroup's memberships."
+#~ msgstr "das LDAP-Attribut, das die Netzgruppenmitgliedschaften aufführt"
+
+#~ msgid "ipa_netgroup_member_user (string)"
+#~ msgstr "ipa_netgroup_member_user (Zeichenkette)"
+
+#~ msgid ""
+#~ "The LDAP attribute that lists system users and groups that are direct "
+#~ "members of the netgroup."
+#~ msgstr ""
+#~ "das LDAP-Attribut, das die Systembenutzer und Gruppen aufführt, die "
+#~ "direkte Mitglieder der Netzgruppe sind"
+
+#~ msgid "Default: memberUser"
+#~ msgstr "Voreinstellung: memberUser"
+
+#~ msgid "ipa_netgroup_member_host (string)"
+#~ msgstr "ipa_netgroup_member_host (Zeichenkette)"
+
+#~ msgid ""
+#~ "The LDAP attribute that lists hosts and host groups that are direct "
+#~ "members of the netgroup."
+#~ msgstr ""
+#~ "das LDAP-Attribut, das Rechner und Rechnergruppen aufführt, die direkte "
+#~ "Mitglieder der Netzgruppe sind"
+
+#~ msgid "Default: memberHost"
+#~ msgstr "Voreinstellung: memberHost"
+
+#~ msgid "ipa_netgroup_member_ext_host (string)"
+#~ msgstr "ipa_netgroup_member_ext_host (Zeichenkette)"
+
+#~ msgid ""
+#~ "The LDAP attribute that lists FQDNs of hosts and host groups that are "
+#~ "members of the netgroup."
+#~ msgstr ""
+#~ "das LDAP-Attribut, das FQDNs von Rechnern und Rechnergruppen aufführt, "
+#~ "die direkte Mitglieder der Netzgruppe sind"
+
+#~ msgid "Default: externalHost"
+#~ msgstr "Voreinstellung: externalHost"
+
+#~ msgid "ipa_netgroup_domain (string)"
+#~ msgstr "ipa_netgroup_domain (Zeichenkette)"
+
+#~ msgid "The LDAP attribute that contains NIS domain name of the netgroup."
+#~ msgstr "das LDAP-Attribut, das den NIS-Domain-Namen der Netzgruppe enthält"
+
+#~ msgid "Default: nisDomainName"
+#~ msgstr "Voreinstellung: nisDomainName"
+
+#~ msgid "ipa_host_object_class (string)"
+#~ msgstr "ipa_host_object_class (Zeichenkette)"
+
+#~ msgid "The object class of a host entry in LDAP."
+#~ msgstr "die Objektklasse eines Rechnereintrags in LDAP"
+
+#~ msgid "Default: ipaHost"
+#~ msgstr "Voreinstellung: ipaHost"
+
+#~ msgid "ipa_host_fqdn (string)"
+#~ msgstr "ipa_host_fqdn (Zeichenkette)"
+
+#~ msgid "The LDAP attribute that contains FQDN of the host."
+#~ msgstr "das LDAP-Attribut, das den FQDN des Rechners enthält"
+
+#~ msgid "Default: fqdn"
+#~ msgstr "Voreinstellung: fqdn"
+
+#~ msgid "ipa_selinux_usermap_object_class (string)"
+#~ msgstr "ipa_selinux_usermap_object_class (Zeichenkette)"
+
+#~ msgid "ipa_selinux_usermap_name (string)"
+#~ msgstr "ipa_selinux_usermap_name (Zeichenkette)"
+
+#~ msgid "The LDAP attribute that contains the name of SELinux usermap."
+#~ msgstr ""
+#~ "das LDAP-Attribut, das den Namen der SELinux-Benutzerabbildung enthält"
+
+#~ msgid "ipa_selinux_usermap_member_user (string)"
+#~ msgstr "ipa_selinux_usermap_member_user (Zeichenkette)"
+
+#~ msgid ""
+#~ "The LDAP attribute that contains all users / groups this rule match "
+#~ "against."
+#~ msgstr ""
+#~ "das LDAP-Attribut, das alle Benutzer/Gruppen enthält, auf die diese Regel "
+#~ "passt"
+
+#~ msgid "ipa_selinux_usermap_member_host (string)"
+#~ msgstr "ipa_selinux_usermap_member_host (Zeichenkette)"
+
+#~ msgid ""
+#~ "The LDAP attribute that contains all hosts / hostgroups this rule match "
+#~ "against."
+#~ msgstr ""
+#~ "das LDAP-Attribut, das alle Rechner/Rechnergruppen enthält, auf die diese "
+#~ "Regel passt"
+
+#~ msgid "ipa_selinux_usermap_see_also (string)"
+#~ msgstr "ipa_selinux_usermap_see_also (Zeichenkette)"
+
+#~ msgid ""
+#~ "The LDAP attribute that contains DN of HBAC rule which can be used for "
+#~ "matching instead of memberUser and memberHost"
+#~ msgstr ""
+#~ "das LDAP-Attribut, das DNs von HBAC-Regeln enthält, die anstelle von "
+#~ "»memberUser« und »memberHost« zum Abgleich benutzt werden können"
+
+#~ msgid "Default: seeAlso"
+#~ msgstr "Voreinstellung: seeAlso"
+
+#~ msgid "ipa_selinux_usermap_selinux_user (string)"
+#~ msgstr "ipa_selinux_usermap_selinux_user (Zeichenkette)"
+
+#~ msgid "The LDAP attribute that contains SELinux user string itself."
+#~ msgstr ""
+#~ "das LDAP-Attribut, das die SELinux-Benutzerzeichenkette selbst enthält"
+
+#~ msgid "Default: ipaSELinuxUser"
+#~ msgstr "Voreinstellung: ipaSELinuxUser"
+
+#~ msgid "ipa_selinux_usermap_enabled (string)"
+#~ msgstr "ipa_selinux_usermap_enabled (Zeichenkette)"
+
+#~ msgid ""
+#~ "The LDAP attribute that contains whether or not is user map enabled for "
+#~ "usage."
+#~ msgstr ""
+#~ "das LDAP-Attribut, das besagt, ob die Benutzerabbildung zur Verwendung "
+#~ "aktiviert ist oder nicht"
+
+#~ msgid "Default: ipaEnabledFlag"
+#~ msgstr "Voreinstellung: ipaEnabledFlag"
+
+#~ msgid "ipa_selinux_usermap_user_category (string)"
+#~ msgstr "ipa_selinux_usermap_user_category (Zeichenkette)"
+
+#~ msgid "The LDAP attribute that contains user category such as 'all'."
+#~ msgstr ""
+#~ "das LDAP-Attribut, das die Benutzerkategorie wie etwa »alle« enthält"
+
+#~ msgid "Default: userCategory"
+#~ msgstr "Voreinstellung: userCategory"
+
+#~ msgid "ipa_selinux_usermap_host_category (string)"
+#~ msgstr "ipa_selinux_usermap_host_category (Zeichenkette)"
+
+#~ msgid "The LDAP attribute that contains host category such as 'all'."
+#~ msgstr "das LDAP-Attribut, das die Rechnerkategorie wie etwa »alle« enthält"
+
+#~ msgid "Default: hostCategory"
+#~ msgstr "Voreinstellung: hostCategory"
+
+#~ msgid "ipa_selinux_usermap_uuid (string)"
+#~ msgstr "ipa_selinux_usermap_uuid (Zeichenkette)"
+
+#~ msgid "The LDAP attribute that contains unique ID of the user map."
+#~ msgstr ""
+#~ "das LDAP-Attribut, das die eindeutige ID der Benutzerabbildung enthält"
+
+#~ msgid "Default: ipaUniqueID"
+#~ msgstr "Voreinstellung: ipaUniqueID"
+
+#~ msgid "ipa_host_ssh_public_key (string)"
+#~ msgstr "ipa_host_ssh_public_key (Zeichenkette)"
+
+#~ msgid "The LDAP attribute that contains the host's SSH public keys."
+#~ msgstr ""
+#~ "das LDAP-Attribut, das die öffentlichen SSH-Schlüssel des Rechners enthält"
+
+#~ msgid "Default: ipaSshPubKey"
+#~ msgstr "Voreinstellung: ipaSshPubKey"
+
+#~ msgid ""
+#~ "Directory to store credential caches. All the substitution sequences of "
+#~ "krb5_ccname_template can be used here, too, except %d and %P. If the "
+#~ "directory does not exist, it will be created. If %u, %U, %p or %h are "
+#~ "used, a private directory belonging to the user is created. Otherwise, a "
+#~ "public directory with restricted deletion flag (aka sticky bit, as "
+#~ "described in <citerefentry> <refentrytitle>chmod</refentrytitle> "
+#~ "<manvolnum>1</manvolnum> </citerefentry> for details) is created."
+#~ msgstr ""
+#~ "Verzeichnis, in dem Berechtigungszwischenspeicher abgelegt werden. Hier "
+#~ "können auch alle Ersetzungssequenzen von »krb5_ccname_template« benutzt "
+#~ "werden, außer %d und %P. Falls das Verzeichnis nicht existiert, wird es "
+#~ "erstellt. Falls %u, %U, %p oder %h benutzt werden, wird ein privates "
+#~ "Verzeichnis, das dem Benutzer gehört, erstellt. Andernfalls wird ein "
+#~ "öffentliches Verzeichnis mit einem Schalter für eingeschränktes Löschen "
+#~ "(auch bekannt als Sticky-Bit, detailliert beschrieben unter "
+#~ "<citerefentry> <refentrytitle>chmod</refentrytitle> <manvolnum>1</"
+#~ "manvolnum> </citerefentry>) erstellt."
+
+#~ msgid ""
+#~ "Bit mask that indicates which debug levels will be visible. 0x0010 is the "
+#~ "default value as well as the lowest allowed value, 0xFFF0 is the most "
+#~ "verbose mode. This setting overrides the settings from config file."
+#~ msgstr ""
+#~ "Bit-Maske, die anzeigt, welche Debug-Stufen sichtbar sein werden. 0x0010 "
+#~ "ist sowohl der Vorgabewert als auch der niedrigste erlaubte Wert, 0xFFF0 "
+#~ "ist der Modus mit der detailreichsten Ausgabe. Diese Einstellung setzt "
+#~ "die Einstellungen aus der Konfigurationsdatei außer Kraft."
+
+#~ msgid "Default: FILE:%d/krb5cc_%U_XXXXXX"
+#~ msgstr "Voreinstellung: FILE:%d/krb5cc_%U_XXXXXX"
#~ msgid "SSSD Services to start"
#~ msgstr "SSSD-Dienste zum Starten"
@@ -11021,9 +11939,6 @@ msgstr "Voreinstellung: FILE:%d/krb5cc_%U_XXXXXX"
#~ msgid "Kerberos server address"
#~ msgstr "Kerberos-Serveradresse"
-#~ msgid "Kerberos realm"
-#~ msgstr "Kerberos Realm"
-
#~ msgid "Username attribute"
#~ msgstr "Benutzername-Attribut"
@@ -11042,9 +11957,6 @@ msgstr "Voreinstellung: FILE:%d/krb5cc_%U_XXXXXX"
#~ msgid "Full Name"
#~ msgstr "Vollständiger Name"
-#~ msgid "Login shell"
-#~ msgstr "Anmelde-Shell"
-
#~ msgid "Groups"
#~ msgstr "Gruppen"
generated by cgit (git 2.34.1) at 2024-04-18 17:34:33 +0000