From 2ea6196484055397cc4bc011c5960f790431fa9d Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Mon, 12 Mar 2012 16:34:20 -0400 Subject: i18n: Remove empty translations --- src/man/po/lt.po | 6315 ------------------------------------------------------ 1 file changed, 6315 deletions(-) delete mode 100644 src/man/po/lt.po (limited to 'src/man/po/lt.po') diff --git a/src/man/po/lt.po b/src/man/po/lt.po deleted file mode 100644 index db5d14bae..000000000 --- a/src/man/po/lt.po +++ /dev/null @@ -1,6315 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Lithuanian (http://www.transifex.net/projects/p/fedora/team/" -"lt/)\n" -"Language: lt\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && (n" -"%100<10 || n%100>=20) ? 1 : 2)\n" - -#. type: Content of: -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" -- cgit