diff options
Diffstat (limited to 'src/man/po/zh_CN.po')
-rw-r--r-- | src/man/po/zh_CN.po | 490 |
1 files changed, 248 insertions, 242 deletions
diff --git a/src/man/po/zh_CN.po b/src/man/po/zh_CN.po index 124e27163..39f78d0fb 100644 --- a/src/man/po/zh_CN.po +++ b/src/man/po/zh_CN.po @@ -6,18 +6,19 @@ # Christopher Meng <cickumqt@gmail.com>, 2012 msgid "" msgstr "" -"Project-Id-Version: SSSD\n" +"Project-Id-Version: sssd-docs 1.12.2\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2015-01-08 18:14+0100\n" -"PO-Revision-Date: 2014-06-04 18:04+0000\n" +"POT-Creation-Date: 2015-02-18 16:52+0100\n" +"PO-Revision-Date: 2014-06-04 02:04-0400\n" "Last-Translator: jhrozek <jhrozek@redhat.com>\n" "Language-Team: Chinese (China) (http://www.transifex.com/projects/p/sssd/" "language/zh_CN/)\n" -"Language: zh_CN\n" +"Language: zh-CN\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=1; plural=0;\n" +"X-Generator: Zanata 3.5.1\n" #. type: Content of: <reference><title> #: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 @@ -82,7 +83,7 @@ msgstr "" #: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 #: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 #: sss_cache.8.xml:38 sss_debuglevel.8.xml:38 sss_seed.8.xml:42 -#: sss_ssh_authorizedkeys.1.xml:75 sss_ssh_knownhostsproxy.1.xml:62 +#: sss_ssh_authorizedkeys.1.xml:76 sss_ssh_knownhostsproxy.1.xml:62 msgid "OPTIONS" msgstr "选项" @@ -233,8 +234,8 @@ msgstr "" #: sssd.conf.5.xml:81 sssd.conf.5.xml:571 sssd.conf.5.xml:1014 #: sssd-ldap.5.xml:1625 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1784 #: sssd-ldap.5.xml:2273 sssd-ldap.5.xml:2338 sssd-ldap.5.xml:2356 -#: sssd-ipa.5.xml:375 sssd-ipa.5.xml:410 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:695 sssd-ad.5.xml:784 sssd-krb5.5.xml:490 +#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:413 sssd-ad.5.xml:166 sssd-ad.5.xml:264 +#: sssd-ad.5.xml:714 sssd-ad.5.xml:806 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "" @@ -254,7 +255,7 @@ msgstr "" #: sssd.conf.5.xml:94 sssd.conf.5.xml:968 sssd.conf.5.xml:2043 #: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1499 sssd-ldap.5.xml:1518 #: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:2060 sssd-ipa.5.xml:139 -#: sssd-ipa.5.xml:205 sssd-ipa.5.xml:540 sssd-krb5.5.xml:257 +#: sssd-ipa.5.xml:208 sssd-ipa.5.xml:543 sssd-krb5.5.xml:257 #: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" msgstr "" @@ -362,7 +363,7 @@ msgid "" "domains at the same time, but at least one must be configured or SSSD won't " "start. This parameter described the list of domains in the order you want " "them to be queried. A domain name should only consist of alphanumeric ASCII " -"characters, dashes and underscores." +"characters, dashes, dots and underscores." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> @@ -547,8 +548,8 @@ msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:336 sssd-ldap.5.xml:663 sssd-ldap.5.xml:1458 -#: sssd-ldap.5.xml:1470 sssd-ldap.5.xml:1552 sssd-ad.5.xml:543 -#: sssd-ad.5.xml:608 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203 +#: sssd-ldap.5.xml:1470 sssd-ldap.5.xml:1552 sssd-ad.5.xml:557 +#: sssd-ad.5.xml:627 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203 #: include/ldap_id_mapping.xml:214 msgid "Default: not set" msgstr "" @@ -1702,7 +1703,7 @@ msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1350 sssd-ipa.5.xml:221 +#: sssd.conf.5.xml:1350 sssd-ipa.5.xml:224 msgid "Default: 0 (disabled)" msgstr "" @@ -2626,7 +2627,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:2246 sssd-ldap.5.xml:2518 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:715 sssd-ad.5.xml:821 sssd-krb5.5.xml:519 +#: sssd-ipa.5.xml:718 sssd-ad.5.xml:843 sssd-krb5.5.xml:519 #: sss_rpcidmapd.5.xml:98 msgid "EXAMPLE" msgstr "" @@ -3502,7 +3503,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:738 sssd-ldap.5.xml:831 sssd-ldap.5.xml:1058 #: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:2102 sssd-ldap.5.xml:2441 -#: sssd-ipa.5.xml:588 +#: sssd-ipa.5.xml:591 msgid "Default: cn" msgstr "" @@ -4258,7 +4259,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1479 msgid "" -"Specifies acceptable cipher suites. Typically this is a colon separated " +"Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " "<manvolnum>5</manvolnum></citerefentry> for format." msgstr "" @@ -4419,7 +4420,7 @@ msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1638 sssd-ad.5.xml:739 +#: sssd-ldap.5.xml:1638 sssd-ad.5.xml:761 msgid "Default: 86400 (24 hours)" msgstr "" @@ -4457,7 +4458,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1673 sssd-ipa.5.xml:385 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1673 sssd-ipa.5.xml:388 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" @@ -4472,7 +4473,7 @@ msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:400 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:403 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "" @@ -5403,7 +5404,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><para> #: sssd-ldap.5.xml:2525 sssd-ldap.5.xml:2543 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:723 sssd-ad.5.xml:829 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 +#: sssd-ipa.5.xml:726 sssd-ad.5.xml:851 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 #: sssd-krb5.5.xml:528 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" @@ -5438,7 +5439,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:2559 sssd_krb5_locator_plugin.8.xml:61 -#: sssd-simple.5.xml:148 sssd-ad.5.xml:844 sssd.8.xml:195 sss_seed.8.xml:163 +#: sssd-simple.5.xml:148 sssd-ad.5.xml:866 sssd.8.xml:195 sss_seed.8.xml:163 msgid "NOTES" msgstr "" @@ -5948,7 +5949,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:676 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:695 msgid "dyndns_update (boolean)" msgstr "" @@ -5963,7 +5964,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:690 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:709 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -5978,12 +5979,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:701 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:720 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:704 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:723 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -6004,19 +6005,24 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:715 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:734 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:718 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:737 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:173 +#: sssd-ipa.5.xml:173 sssd-ad.5.xml:742 +msgid "NOTE: This option currently supports only one interface." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:176 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</" "emphasis> option, users should migrate to using <emphasis>dyndns_iface</" @@ -6024,22 +6030,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:179 +#: sssd-ipa.5.xml:182 msgid "Default: Use the IP address of the IPA LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:185 +#: sssd-ipa.5.xml:188 msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:188 sssd-ad.5.xml:152 +#: sssd-ipa.5.xml:191 sssd-ad.5.xml:152 msgid "Enables DNS sites - location based service discovery." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:192 +#: sssd-ipa.5.xml:195 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, then the SSSD will first attempt location " @@ -6051,12 +6057,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:729 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:751 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:732 +#: sssd-ipa.5.xml:217 sssd-ad.5.xml:754 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -6064,174 +6070,174 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:745 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:767 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:748 +#: sssd-ipa.5.xml:233 sssd-ad.5.xml:770 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:235 +#: sssd-ipa.5.xml:238 msgid "" "This option should be False in most IPA deployments as the IPA server " "generates the PTR records automatically when forward records are changed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:241 +#: sssd-ipa.5.xml:244 msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:759 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:781 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:762 +#: sssd-ipa.5.xml:253 sssd-ad.5.xml:784 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:766 +#: sssd-ipa.5.xml:257 sssd-ad.5.xml:788 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 +#: sssd-ipa.5.xml:263 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 +#: sssd-ipa.5.xml:266 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:267 +#: sssd-ipa.5.xml:270 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:273 +#: sssd-ipa.5.xml:276 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:276 +#: sssd-ipa.5.xml:279 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:280 sssd-ipa.5.xml:299 sssd-ipa.5.xml:318 sssd-ipa.5.xml:337 -#: sssd-ipa.5.xml:356 +#: sssd-ipa.5.xml:283 sssd-ipa.5.xml:302 sssd-ipa.5.xml:321 sssd-ipa.5.xml:340 +#: sssd-ipa.5.xml:359 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:285 sssd-ipa.5.xml:304 include/ldap_search_bases.xml:27 +#: sssd-ipa.5.xml:288 sssd-ipa.5.xml:307 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:292 +#: sssd-ipa.5.xml:295 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 +#: sssd-ipa.5.xml:298 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:311 +#: sssd-ipa.5.xml:314 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:314 +#: sssd-ipa.5.xml:317 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:323 +#: sssd-ipa.5.xml:326 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:330 +#: sssd-ipa.5.xml:333 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:333 +#: sssd-ipa.5.xml:336 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:342 +#: sssd-ipa.5.xml:345 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:349 +#: sssd-ipa.5.xml:352 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:352 +#: sssd-ipa.5.xml:355 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:361 +#: sssd-ipa.5.xml:364 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 sssd-krb5.5.xml:245 +#: sssd-ipa.5.xml:371 sssd-krb5.5.xml:245 msgid "krb5_validate (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 +#: sssd-ipa.5.xml:374 msgid "" "Verify with the help of krb5_keytab that the TGT obtained has not been " "spoofed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 sssd-ad.5.xml:787 +#: sssd-ipa.5.xml:381 sssd-ad.5.xml:809 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:388 +#: sssd-ipa.5.xml:391 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:392 +#: sssd-ipa.5.xml:395 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:403 +#: sssd-ipa.5.xml:406 msgid "" "Specifies if the host and user principal should be canonicalized when " "connecting to IPA LDAP and also for AS requests. This feature is available " @@ -6239,24 +6245,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:416 sssd-krb5.5.xml:407 +#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:407 msgid "krb5_use_fast (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:419 sssd-krb5.5.xml:410 +#: sssd-ipa.5.xml:422 sssd-krb5.5.xml:410 msgid "" "Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" "authentication. The following options are supported:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:424 +#: sssd-ipa.5.xml:427 msgid "<emphasis>never</emphasis> use FAST." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:427 +#: sssd-ipa.5.xml:430 msgid "" "<emphasis>try</emphasis> to use FAST. If the server does not support FAST, " "continue the authentication without it. This is equivalent to not setting " @@ -6264,19 +6270,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:433 sssd-krb5.5.xml:424 +#: sssd-ipa.5.xml:436 sssd-krb5.5.xml:424 msgid "" "<emphasis>demand</emphasis> to use FAST. The authentication fails if the " "server does not require fast." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:438 +#: sssd-ipa.5.xml:441 msgid "Default: try" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:441 sssd-krb5.5.xml:435 +#: sssd-ipa.5.xml:444 sssd-krb5.5.xml:435 msgid "" "NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If " "SSSD is used with an older version of MIT Kerberos, using this option is a " @@ -6284,37 +6290,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:794 +#: sssd-ipa.5.xml:453 sssd-ad.5.xml:816 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:453 sssd-ad.5.xml:797 +#: sssd-ipa.5.xml:456 sssd-ad.5.xml:819 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:457 sssd-ad.5.xml:801 +#: sssd-ipa.5.xml:460 sssd-ad.5.xml:823 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:805 +#: sssd-ipa.5.xml:464 sssd-ad.5.xml:827 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:468 +#: sssd-ipa.5.xml:471 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 +#: sssd-ipa.5.xml:474 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -6322,17 +6328,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:478 sssd-ipa.5.xml:494 sssd-ad.5.xml:330 +#: sssd-ipa.5.xml:481 sssd-ipa.5.xml:497 sssd-ad.5.xml:344 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:484 +#: sssd-ipa.5.xml:487 msgid "ipa_hbac_selinux (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:487 +#: sssd-ipa.5.xml:490 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -6340,12 +6346,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 +#: sssd-ipa.5.xml:503 msgid "ipa_hbac_treat_deny_as (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 +#: sssd-ipa.5.xml:506 msgid "" "This option specifies how to treat the deprecated DENY-type HBAC rules. As " "of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " @@ -6354,211 +6360,209 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:512 +#: sssd-ipa.5.xml:515 msgid "" "<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " "users will be denied access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:517 +#: sssd-ipa.5.xml:520 msgid "" "<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " "careful with this option, as it may result in opening unintended access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:522 +#: sssd-ipa.5.xml:525 msgid "Default: DENY_ALL" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:528 +#: sssd-ipa.5.xml:531 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 +#: sssd-ipa.5.xml:534 msgid "This option should only be set by the IPA installer." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:535 +#: sssd-ipa.5.xml:538 msgid "" "The option denotes that the SSSD is running on IPA server and should perform " "lookups of users and groups from trusted domains differently." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:549 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 +#: sssd-ipa.5.xml:552 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:552 +#: sssd-ipa.5.xml:555 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:560 +#: sssd-ipa.5.xml:563 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:569 +#: sssd-ipa.5.xml:572 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:572 +#: sssd-ipa.5.xml:575 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:575 -#, fuzzy -#| msgid "Default: 3" +#: sssd-ipa.5.xml:578 msgid "Default: nsContainer" -msgstr "默认: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:581 +#: sssd-ipa.5.xml:584 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:584 +#: sssd-ipa.5.xml:587 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:597 msgid "ipa_overide_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:600 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:600 +#: sssd-ipa.5.xml:603 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:606 +#: sssd-ipa.5.xml:609 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:609 +#: sssd-ipa.5.xml:612 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:616 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:619 +#: sssd-ipa.5.xml:622 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:622 +#: sssd-ipa.5.xml:625 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:627 +#: sssd-ipa.5.xml:630 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:630 +#: sssd-ipa.5.xml:633 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:633 +#: sssd-ipa.5.xml:636 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:636 +#: sssd-ipa.5.xml:639 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:642 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:642 +#: sssd-ipa.5.xml:645 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:645 +#: sssd-ipa.5.xml:648 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:648 +#: sssd-ipa.5.xml:651 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:656 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:659 +#: sssd-ipa.5.xml:662 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:662 +#: sssd-ipa.5.xml:665 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:667 +#: sssd-ipa.5.xml:670 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:670 +#: sssd-ipa.5.xml:673 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:673 +#: sssd-ipa.5.xml:676 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:678 +#: sssd-ipa.5.xml:681 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:562 +#: sssd-ipa.5.xml:565 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -6568,19 +6572,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:688 +#: sssd-ipa.5.xml:691 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:690 +#: sssd-ipa.5.xml:693 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:694 +#: sssd-ipa.5.xml:697 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -6588,7 +6592,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:700 +#: sssd-ipa.5.xml:703 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -6600,7 +6604,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:717 +#: sssd-ipa.5.xml:720 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6608,7 +6612,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:724 +#: sssd-ipa.5.xml:727 #, no-wrap msgid "" " [domain/example.com]\n" @@ -6848,18 +6852,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:225 +#: sssd-ad.5.xml:225 sssd-ad.5.xml:239 msgid "Default: Not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:231 -msgid "ad_enable_gc (boolean)" +msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:234 msgid "" +"Specify AD site to which client should try to connect. If this option is " +"not provided, the AD site will be auto-discovered." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:245 +msgid "ad_enable_gc (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:248 +msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " "as a fallback. Disabling this option makes the SSSD only connect to the LDAP " @@ -6867,7 +6883,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:242 +#: sssd-ad.5.xml:256 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -6876,12 +6892,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:256 +#: sssd-ad.5.xml:270 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:259 +#: sssd-ad.5.xml:273 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -6891,14 +6907,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:268 +#: sssd-ad.5.xml:282 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to a particular host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:274 +#: sssd-ad.5.xml:288 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -6911,23 +6927,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:287 +#: sssd-ad.5.xml:301 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:291 +#: sssd-ad.5.xml:305 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:297 +#: sssd-ad.5.xml:311 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:303 +#: sssd-ad.5.xml:317 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -6935,17 +6951,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:314 +#: sssd-ad.5.xml:328 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:320 +#: sssd-ad.5.xml:334 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:323 +#: sssd-ad.5.xml:337 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -6953,12 +6969,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:336 +#: sssd-ad.5.xml:350 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:339 +#: sssd-ad.5.xml:353 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -6966,7 +6982,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:345 +#: sssd-ad.5.xml:359 msgid "" "Note: Using the Group Policy Management Editor this value " "InteractiveLogonRight is called \"Allow log on locally\" and \"Deny log on " @@ -6974,7 +6990,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:373 #, no-wrap msgid "" " ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -6982,7 +6998,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:350 +#: sssd-ad.5.xml:364 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -6994,53 +7010,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:363 sssd-ad.5.xml:434 sssd-ad.5.xml:469 sssd-ad.5.xml:509 -#: sssd-ad.5.xml:570 +#: sssd-ad.5.xml:377 sssd-ad.5.xml:448 sssd-ad.5.xml:483 sssd-ad.5.xml:523 +#: sssd-ad.5.xml:584 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:381 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:372 +#: sssd-ad.5.xml:386 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:377 +#: sssd-ad.5.xml:391 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:382 +#: sssd-ad.5.xml:396 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:387 +#: sssd-ad.5.xml:401 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:406 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:397 +#: sssd-ad.5.xml:411 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:406 +#: sssd-ad.5.xml:420 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:409 +#: sssd-ad.5.xml:423 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -7048,7 +7064,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:415 +#: sssd-ad.5.xml:429 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -7056,7 +7072,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:430 +#: sssd-ad.5.xml:444 #, no-wrap msgid "" " ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -7064,7 +7080,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:421 +#: sssd-ad.5.xml:435 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -7076,17 +7092,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:438 +#: sssd-ad.5.xml:452 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:447 +#: sssd-ad.5.xml:461 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:450 +#: sssd-ad.5.xml:464 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -7094,7 +7110,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:465 +#: sssd-ad.5.xml:479 #, no-wrap msgid "" " ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -7102,7 +7118,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:456 +#: sssd-ad.5.xml:470 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -7114,22 +7130,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:473 +#: sssd-ad.5.xml:487 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:478 +#: sssd-ad.5.xml:492 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:487 +#: sssd-ad.5.xml:501 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:490 +#: sssd-ad.5.xml:504 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -7137,7 +7153,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:505 +#: sssd-ad.5.xml:519 #, no-wrap msgid "" " ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -7145,7 +7161,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:496 +#: sssd-ad.5.xml:510 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -7157,17 +7173,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:513 +#: sssd-ad.5.xml:527 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:522 +#: sssd-ad.5.xml:536 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:525 +#: sssd-ad.5.xml:539 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -7175,7 +7191,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:539 +#: sssd-ad.5.xml:553 #, no-wrap msgid "" " ad_gpo_map_service = +my_pam_service\n" @@ -7183,7 +7199,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:531 sssd-ad.5.xml:596 +#: sssd-ad.5.xml:545 sssd-ad.5.xml:615 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -7194,19 +7210,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:549 +#: sssd-ad.5.xml:563 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:552 +#: sssd-ad.5.xml:566 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:566 +#: sssd-ad.5.xml:580 #, no-wrap msgid "" " ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -7214,7 +7230,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:557 +#: sssd-ad.5.xml:571 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -7226,29 +7242,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:574 +#: sssd-ad.5.xml:588 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:579 +#: sssd-ad.5.xml:593 msgid "sudo-i" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:598 +msgid "systemd-user" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:588 +#: sssd-ad.5.xml:607 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:591 +#: sssd-ad.5.xml:610 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:604 +#: sssd-ad.5.xml:623 #, no-wrap msgid "" " ad_gpo_map_deny = +my_pam_service\n" @@ -7256,12 +7277,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:614 +#: sssd-ad.5.xml:633 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:617 +#: sssd-ad.5.xml:636 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -7274,56 +7295,52 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:630 +#: sssd-ad.5.xml:649 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:634 +#: sssd-ad.5.xml:653 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:639 +#: sssd-ad.5.xml:658 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:644 +#: sssd-ad.5.xml:663 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:649 +#: sssd-ad.5.xml:668 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:654 -#, fuzzy -#| msgid "services" +#: sssd-ad.5.xml:673 msgid "service" -msgstr "服务" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:659 +#: sssd-ad.5.xml:678 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:664 +#: sssd-ad.5.xml:683 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:670 -#, fuzzy -#| msgid "Default: 3" +#: sssd-ad.5.xml:689 msgid "Default: deny" -msgstr "默认: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:679 +#: sssd-ad.5.xml:698 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -7334,34 +7351,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:709 +#: sssd-ad.5.xml:728 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:723 +#: sssd-ad.5.xml:745 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:753 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:775 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:775 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:797 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:778 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:800 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:823 +#: sssd-ad.5.xml:845 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -7369,7 +7386,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:830 +#: sssd-ad.5.xml:852 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -7384,7 +7401,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:850 +#: sssd-ad.5.xml:872 #, no-wrap msgid "" "access_provider = ldap\n" @@ -7393,7 +7410,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:846 +#: sssd-ad.5.xml:868 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -7401,7 +7418,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:856 +#: sssd-ad.5.xml:878 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -7868,7 +7885,7 @@ msgid "The password to obfuscate will be read from standard input." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 sss_ssh_authorizedkeys.1.xml:79 +#: sss_obfuscate.8.xml:74 sss_ssh_authorizedkeys.1.xml:80 #: sss_ssh_knownhostsproxy.1.xml:78 msgid "" "<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" @@ -8970,16 +8987,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:162 -#, fuzzy -#| msgid "" -#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -#| "replaceable>" msgid "" "<option>-h</option>,<option>--ssh-host</option> <replaceable>hostname</" "replaceable>" msgstr "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:167 @@ -8988,14 +8999,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:173 -#, fuzzy -#| msgid "" -#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -#| "replaceable>" msgid "<option>-H</option>,<option>--ssh-hosts</option>" msgstr "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:177 @@ -9317,10 +9322,8 @@ msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_rpcidmapd.5.xml:26 sss_rpcidmapd.5.xml:32 -#, fuzzy -#| msgid "sss_groupmod" msgid "sss_rpcidmapd" -msgstr "sss_groupmod" +msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_rpcidmapd.5.xml:33 @@ -9490,7 +9493,9 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sss_ssh_authorizedkeys.1.xml:58 #, no-wrap -msgid "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n" +msgid "" +" AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n" +" AuthorizedKeysCommandUser nobody\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> @@ -9498,19 +9503,20 @@ msgstr "" msgid "" "If <quote>AuthorizedKeysCommand</quote> is supported, " "<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" -"citerefentry> can be configured to use it by putting the following directive " -"in <citerefentry> <refentrytitle>sshd_config</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry>: <placeholder type=\"programlisting\" id=\"0\"/>" +"citerefentry> can be configured to use it by putting the following " +"directives in <citerefentry> <refentrytitle>sshd_config</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry>: <placeholder type=\"programlisting" +"\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sss_ssh_authorizedkeys.1.xml:69 +#: sss_ssh_authorizedkeys.1.xml:70 #, no-wrap msgid "PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sss_ssh_authorizedkeys.1.xml:62 +#: sss_ssh_authorizedkeys.1.xml:63 msgid "" "If <quote>PubkeyAgent</quote> is supported, " "<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" @@ -9521,18 +9527,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_ssh_authorizedkeys.1.xml:84 +#: sss_ssh_authorizedkeys.1.xml:85 msgid "" "Search for user public keys in SSSD domain <replaceable>DOMAIN</replaceable>." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sss_ssh_authorizedkeys.1.xml:93 sss_ssh_knownhostsproxy.1.xml:92 +#: sss_ssh_authorizedkeys.1.xml:94 sss_ssh_knownhostsproxy.1.xml:92 msgid "EXIT STATUS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sss_ssh_authorizedkeys.1.xml:95 sss_ssh_knownhostsproxy.1.xml:94 +#: sss_ssh_authorizedkeys.1.xml:96 sss_ssh_knownhostsproxy.1.xml:94 msgid "" "In case of success, an exit value of 0 is returned. Otherwise, 1 is returned." msgstr "" |