From 5ee3fba0bd812242a1ffe189f5ddf2689e6e6811 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Mon, 8 Sep 2014 20:59:43 +0200 Subject: Updating translations for the 1.12.1 release --- src/man/po/br.po | 2268 ++++++++++++++++++++++++++--------------- src/man/po/ca.po | 2364 +++++++++++++++++++++++++++--------------- src/man/po/cs.po | 2242 +++++++++++++++++++++++++--------------- src/man/po/de.po | 2551 +++++++++++++++++++++++++++++++--------------- src/man/po/es.po | 2402 ++++++++++++++++++++++++++++--------------- src/man/po/eu.po | 2238 +++++++++++++++++++++++++--------------- src/man/po/fr.po | 2462 +++++++++++++++++++++++++++++--------------- src/man/po/ja.po | 2383 ++++++++++++++++++++++++++++--------------- src/man/po/lv.po | 2256 +++++++++++++++++++++++++--------------- src/man/po/nl.po | 2276 ++++++++++++++++++++++++++--------------- src/man/po/pt.po | 2306 ++++++++++++++++++++++++++--------------- src/man/po/ru.po | 2254 +++++++++++++++++++++++++--------------- src/man/po/sssd-docs.pot | 2194 +++++++++++++++++++++++++-------------- src/man/po/tg.po | 2252 +++++++++++++++++++++++++--------------- src/man/po/uk.po | 2539 ++++++++++++++++++++++++++++++--------------- src/man/po/zh_CN.po | 2256 +++++++++++++++++++++++++--------------- 16 files changed, 24359 insertions(+), 12884 deletions(-) (limited to 'src/man/po') diff --git a/src/man/po/br.po b/src/man/po/br.po index a18590249..a6fd1ec87 100644 --- a/src/man/po/br.po +++ b/src/man/po/br.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2014-07-09 19:18+0300\n" +"POT-Creation-Date: 2014-09-08 20:55+0300\n" "PO-Revision-Date: 2014-06-04 18:04+0000\n" "Last-Translator: jhrozek \n" "Language-Team: Breton (http://www.transifex.com/projects/p/sssd/language/" @@ -26,8 +26,8 @@ msgstr "" #: sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 #: sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 #: sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5 -#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_ssh_authorizedkeys.1.xml:5 -#: sss_ssh_knownhostsproxy.1.xml:5 +#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_rpcidmapd.5.xml:5 +#: sss_ssh_authorizedkeys.1.xml:5 sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" msgstr "Dornlevr SSSD" @@ -128,14 +128,14 @@ msgstr "sssd.conf" #. type: Content of: #: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 #: sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11 -#: sssd-ifp.5.xml:11 +#: sssd-ifp.5.xml:11 sss_rpcidmapd.5.xml:27 msgid "5" msgstr "5" #. type: Content of: #: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 #: sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12 -#: sssd-ifp.5.xml:12 +#: sssd-ifp.5.xml:12 sss_rpcidmapd.5.xml:28 msgid "File Formats and Conventions" msgstr "" @@ -227,11 +227,11 @@ msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: -#: sssd.conf.5.xml:79 sssd.conf.5.xml:511 sssd.conf.5.xml:873 -#: sssd-ldap.5.xml:1637 sssd-ldap.5.xml:1734 sssd-ldap.5.xml:1796 -#: sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2320 sssd-ldap.5.xml:2338 +#: sssd.conf.5.xml:79 sssd.conf.5.xml:554 sssd.conf.5.xml:916 +#: sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1756 +#: sssd-ldap.5.xml:2242 sssd-ldap.5.xml:2307 sssd-ldap.5.xml:2325 #: sssd-ipa.5.xml:356 sssd-ipa.5.xml:391 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:339 sssd-ad.5.xml:428 sssd-krb5.5.xml:490 +#: sssd-ad.5.xml:684 sssd-ad.5.xml:773 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "Dre ziouer : true" @@ -246,16 +246,16 @@ msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: -#: sssd.conf.5.xml:90 sssd.conf.5.xml:827 sssd.conf.5.xml:1845 -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:1511 sssd-ldap.5.xml:1530 -#: sssd-ldap.5.xml:1706 sssd-ldap.5.xml:2042 sssd-ipa.5.xml:139 +#: sssd.conf.5.xml:90 sssd.conf.5.xml:870 sssd.conf.5.xml:1933 +#: sssd-ldap.5.xml:678 sssd-ldap.5.xml:1471 sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1666 sssd-ldap.5.xml:2029 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:503 sssd-krb5.5.xml:257 #: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" msgstr "" #. type: Content of: -#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2063 +#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2050 msgid "" msgstr "" @@ -277,7 +277,7 @@ msgid "" msgstr "" #. type: Content of: -#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1382 +#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1342 msgid "Default: 10" msgstr "" @@ -292,7 +292,7 @@ msgid "The [sssd] section" msgstr "Ar rann [sssd]" #. type: Content of: -#: sssd.conf.5.xml:133 sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:2017 msgid "Section parameters" msgstr "Arventennoù ar rann" @@ -329,19 +329,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:161 sssd.conf.5.xml:345 +#: sssd.conf.5.xml:161 sssd.conf.5.xml:370 msgid "reconnection_retries (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:164 sssd.conf.5.xml:348 +#: sssd.conf.5.xml:164 sssd.conf.5.xml:373 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:353 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:378 msgid "Default: 3" msgstr "Dre ziouer : 3" @@ -361,7 +361,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 sssd.conf.5.xml:1658 +#: sssd.conf.5.xml:189 sssd.conf.5.xml:1719 msgid "re_expression (string)" msgstr "re_expression (neudennad)" @@ -381,12 +381,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:206 sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:206 sssd.conf.5.xml:1770 msgid "full_name_format (string)" msgstr "full_name_format (neudennad)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:209 sssd.conf.5.xml:1773 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -394,39 +394,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:220 sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:220 sssd.conf.5.xml:1784 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:221 sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:221 sssd.conf.5.xml:1785 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:224 sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:224 sssd.conf.5.xml:1788 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:227 sssd.conf.5.xml:1730 +#: sssd.conf.5.xml:227 sssd.conf.5.xml:1791 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:233 sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:233 sssd.conf.5.xml:1797 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:236 sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:236 sssd.conf.5.xml:1800 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:217 sssd.conf.5.xml:1781 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -524,12 +524,44 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:319 sssd-ldap.5.xml:662 sssd-ldap.5.xml:1470 -#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1564 sssd-krb5.5.xml:401 -#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214 +#: sssd.conf.5.xml:319 sssd-ldap.5.xml:649 sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1442 sssd-ldap.5.xml:1524 sssd-ad.5.xml:532 +#: sssd-ad.5.xml:597 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203 +#: include/ldap_id_mapping.xml:214 msgid "Default: not set" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:324 +#, fuzzy +#| msgid "re_expression (string)" +msgid "override_space (string)" +msgstr "re_expression (neudennad)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:327 +msgid "" +"This parameter will replace spaces (space bar) with the given character for " +"user and group names. e.g. (_). User name "john doe" will be " +""john_doe" This feature was added to help compatibility with shell " +"scripts that have difficulty handling spaces, due to the default field " +"separator in the shell." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:336 +msgid "" +"Please note it is a configuration error to use a replacement character that " +"might be used in user or group names. If a name contains the replacement " +"character SSSD tries to return the unmodified name but in general the result " +"of a lookup is undefined." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:344 +msgid "Default: not set (spaces will not be replaced)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:126 msgid "" @@ -542,12 +574,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:355 msgid "SERVICES SECTIONS" msgstr "RANNOÙ SERVIJOÙ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:332 +#: sssd.conf.5.xml:357 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -556,22 +588,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:364 msgid "General service configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:341 +#: sssd.conf.5.xml:366 msgid "These options can be used to configure any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:383 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:361 +#: sssd.conf.5.xml:386 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -581,17 +613,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:370 +#: sssd.conf.5.xml:395 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:375 +#: sssd.conf.5.xml:400 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:378 +#: sssd.conf.5.xml:403 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -599,19 +631,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:385 sssd.conf.5.xml:401 sssd.conf.5.xml:415 -#: sssd.conf.5.xml:632 sssd.conf.5.xml:792 sssd.conf.5.xml:1068 -#: sssd-ldap.5.xml:1212 +#: sssd.conf.5.xml:410 sssd.conf.5.xml:426 sssd.conf.5.xml:458 +#: sssd.conf.5.xml:675 sssd.conf.5.xml:835 sssd.conf.5.xml:1111 +#: sssd-ldap.5.xml:1172 msgid "Default: 60" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:415 sssd.conf.5.xml:1100 msgid "force_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:393 sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1103 msgid "" "If a service is not responding to ping checks (see the <quote>timeout</" "quote> option), it is first sent the SIGTERM signal that instructs it to " @@ -621,53 +653,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 +#: sssd.conf.5.xml:431 msgid "offline_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:409 +#: sssd.conf.5.xml:434 +msgid "" +"When SSSD switches to offline mode the amount of time before it tries to go " +"back online will increase based upon the time spent disconnected. This " +"value is in seconds and calculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:441 +msgid "offline_timeout + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:444 +msgid "" +"The random offset can increment up to 30 seconds. After each unsuccessful " +"attempt to go online, the new interval is recalculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:449 +msgid "new_interval = old_interval*2 + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:452 msgid "" -"If SSSD is in offline mode, and last attempt to go online was less than " -"number of seconds specified in this option ago, new requests for data will " -"not result in attempt to go online." +"Note that the maximum length of each interval is currently limited to one " +"hour. If the calculated length of new_interval is greater than an hour, it " +"will be forced to one hour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:467 msgid "NSS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:426 +#: sssd.conf.5.xml:469 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:431 +#: sssd.conf.5.xml:474 msgid "enum_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:434 +#: sssd.conf.5.xml:477 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:481 msgid "Default: 120" msgstr "Dre ziouer : 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:443 +#: sssd.conf.5.xml:486 msgid "entry_cache_nowait_percentage (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:446 +#: sssd.conf.5.xml:489 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -675,7 +732,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:452 +#: sssd.conf.5.xml:495 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -685,7 +742,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:462 +#: sssd.conf.5.xml:505 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -694,17 +751,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:470 +#: sssd.conf.5.xml:513 msgid "Default: 50" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:518 msgid "entry_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:478 +#: sssd.conf.5.xml:521 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -712,17 +769,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:484 sssd.conf.5.xml:851 +#: sssd.conf.5.xml:527 sssd.conf.5.xml:894 msgid "Default: 15" msgstr "Dre ziouer : 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:489 +#: sssd.conf.5.xml:532 msgid "filter_users, filter_groups (string)" msgstr "filter_users, filter_groups (neudennad)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:492 +#: sssd.conf.5.xml:535 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set per-" @@ -731,41 +788,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:499 +#: sssd.conf.5.xml:542 msgid "Default: root" msgstr "Dre zoiuer : root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:504 +#: sssd.conf.5.xml:547 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:507 +#: sssd.conf.5.xml:550 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:561 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:521 +#: sssd.conf.5.xml:564 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:569 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:532 +#: sssd.conf.5.xml:575 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -773,22 +830,22 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:530 include/override_homedir.xml:51 +#: sssd.conf.5.xml:573 include/override_homedir.xml:51 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:579 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:542 +#: sssd.conf.5.xml:585 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:545 +#: sssd.conf.5.xml:588 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -796,186 +853,186 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 +#: sssd.conf.5.xml:594 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:557 +#: sssd.conf.5.xml:600 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:560 +#: sssd.conf.5.xml:603 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:563 +#: sssd.conf.5.xml:606 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:567 +#: sssd.conf.5.xml:610 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:572 +#: sssd.conf.5.xml:615 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:577 +#: sssd.conf.5.xml:620 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:580 +#: sssd.conf.5.xml:623 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:627 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:589 +#: sssd.conf.5.xml:632 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:592 +#: sssd.conf.5.xml:635 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:597 +#: sssd.conf.5.xml:640 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:643 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:604 +#: sssd.conf.5.xml:647 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:652 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:655 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:618 +#: sssd.conf.5.xml:661 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:625 sssd.conf.5.xml:785 +#: sssd.conf.5.xml:668 sssd.conf.5.xml:828 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 sssd.conf.5.xml:788 +#: sssd.conf.5.xml:671 sssd.conf.5.xml:831 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:637 +#: sssd.conf.5.xml:680 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:640 +#: sssd.conf.5.xml:683 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 sssd-ldap.5.xml:702 +#: sssd.conf.5.xml:687 sssd-ldap.5.xml:692 msgid "Default: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:651 +#: sssd.conf.5.xml:694 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:653 +#: sssd.conf.5.xml:696 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:701 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:704 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 sssd.conf.5.xml:679 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:722 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:672 +#: sssd.conf.5.xml:715 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:675 +#: sssd.conf.5.xml:718 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:685 +#: sssd.conf.5.xml:728 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:688 +#: sssd.conf.5.xml:731 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:693 +#: sssd.conf.5.xml:736 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -983,59 +1040,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 sssd.conf.5.xml:752 +#: sssd.conf.5.xml:742 sssd.conf.5.xml:795 msgid "Default: 5" msgstr "Dre zoiuer : 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:705 +#: sssd.conf.5.xml:748 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:751 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:713 +#: sssd.conf.5.xml:756 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:716 +#: sssd.conf.5.xml:759 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:719 +#: sssd.conf.5.xml:762 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:723 +#: sssd.conf.5.xml:766 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:769 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:730 sssd.8.xml:63 +#: sssd.conf.5.xml:773 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:735 +#: sssd.conf.5.xml:778 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:738 +#: sssd.conf.5.xml:781 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1043,7 +1100,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:744 +#: sssd.conf.5.xml:787 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1052,17 +1109,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:758 +#: sssd.conf.5.xml:801 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:761 sssd.conf.5.xml:1235 +#: sssd.conf.5.xml:804 sssd.conf.5.xml:1292 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:807 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1070,31 +1127,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 sssd.conf.5.xml:1238 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1295 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:818 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 sssd.8.xml:79 +#: sssd.conf.5.xml:823 sssd.8.xml:79 msgid "Default: 0" msgstr "Dre ziouer : 0" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:800 +#: sssd.conf.5.xml:843 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:845 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1105,34 +1162,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:862 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:822 +#: sssd.conf.5.xml:865 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:878 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:880 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:884 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:887 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1140,51 +1197,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:903 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:862 +#: sssd.conf.5.xml:905 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:866 +#: sssd.conf.5.xml:909 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:869 +#: sssd.conf.5.xml:912 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:921 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:881 +#: sssd.conf.5.xml:924 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:928 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:893 +#: sssd.conf.5.xml:936 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:938 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1196,7 +1253,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:904 +#: sssd.conf.5.xml:947 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1207,24 +1264,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:955 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:961 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:922 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:965 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:968 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1232,12 +1289,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:974 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:978 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1246,24 +1303,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:949 +#: sssd.conf.5.xml:992 msgid "DOMAIN SECTIONS" msgstr "RANNOÙ DOMANI" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:999 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:1002 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 +#: sssd.conf.5.xml:1007 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1272,47 +1329,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1014 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:1018 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:981 +#: sssd.conf.5.xml:1024 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:984 +#: sssd.conf.5.xml:1027 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:988 +#: sssd.conf.5.xml:1031 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 +#: sssd.conf.5.xml:1034 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 sssd.conf.5.xml:1212 sssd.conf.5.xml:1321 -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1037 sssd.conf.5.xml:1269 sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1395 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1040 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1324,14 +1381,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1053 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1015 +#: sssd.conf.5.xml:1058 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1340,39 +1397,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1023 +#: sssd.conf.5.xml:1066 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1074 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1081 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1082 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1085 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1086 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1077 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -1381,24 +1438,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd-ldap.5.xml:1765 +#: sssd.conf.5.xml:1094 sssd-ldap.5.xml:1725 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1117 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1077 +#: sssd.conf.5.xml:1120 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1124 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -1409,137 +1466,150 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1094 +#: sssd.conf.5.xml:1137 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1100 +#: sssd.conf.5.xml:1143 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1103 +#: sssd.conf.5.xml:1146 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 sssd.conf.5.xml:1120 sssd.conf.5.xml:1133 -#: sssd.conf.5.xml:1146 sssd.conf.5.xml:1159 sssd.conf.5.xml:1173 +#: sssd.conf.5.xml:1150 sssd.conf.5.xml:1163 sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1202 sssd.conf.5.xml:1216 +#: sssd.conf.5.xml:1230 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1156 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1116 +#: sssd.conf.5.xml:1159 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1169 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1172 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1182 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1142 +#: sssd.conf.5.xml:1185 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1195 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1198 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1208 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1211 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1222 +msgid "entry_cache_ssh_host_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1225 +msgid "" +"How many seconds to keep a host ssh key after refresh. IE how long to cache " +"the host key for." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1236 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1239 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1187 +#: sssd.conf.5.xml:1244 msgid "Currently only refreshing expired netgroups is supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1248 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1195 sssd-ipa.5.xml:221 +#: sssd.conf.5.xml:1252 sssd-ipa.5.xml:221 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1201 +#: sssd.conf.5.xml:1258 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1261 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1208 +#: sssd.conf.5.xml:1265 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1217 +#: sssd.conf.5.xml:1274 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1220 +#: sssd.conf.5.xml:1277 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1548,17 +1618,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1284 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1232 +#: sssd.conf.5.xml:1289 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1243 +#: sssd.conf.5.xml:1300 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1567,33 +1637,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1307 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1256 +#: sssd.conf.5.xml:1313 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1259 +#: sssd.conf.5.xml:1316 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1320 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:1441 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 +#: sssd.conf.5.xml:1327 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1601,8 +1671,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 sssd.conf.5.xml:1364 sssd.conf.5.xml:1415 -#: sssd.conf.5.xml:1468 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1421 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1529 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1611,8 +1681,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1373 sssd.conf.5.xml:1424 -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1344 sssd.conf.5.xml:1430 sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1538 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1620,19 +1690,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1355 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1301 +#: sssd.conf.5.xml:1358 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1363 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1641,7 +1711,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1371 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -1649,17 +1719,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1326 +#: sssd.conf.5.xml:1383 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1329 +#: sssd.conf.5.xml:1386 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1332 +#: sssd.conf.5.xml:1389 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -1667,19 +1737,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1343 +#: sssd.conf.5.xml:1400 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1346 +#: sssd.conf.5.xml:1403 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1469 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1687,7 +1757,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1414 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1695,30 +1765,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1438 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1445 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1387 +#: sssd.conf.5.xml:1448 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1393 +#: sssd.conf.5.xml:1454 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1396 +#: sssd.conf.5.xml:1457 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1726,19 +1796,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1463 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1466 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1493 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1747,24 +1817,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1439 +#: sssd.conf.5.xml:1500 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1444 +#: sssd.conf.5.xml:1505 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1508 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1452 +#: sssd.conf.5.xml:1513 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1772,7 +1842,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1521 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1780,35 +1850,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1546 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1550 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1553 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1560 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1563 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1506 +#: sssd.conf.5.xml:1567 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1816,32 +1886,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1514 +#: sssd.conf.5.xml:1575 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1579 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1522 +#: sssd.conf.5.xml:1583 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1525 sssd.conf.5.xml:1594 sssd.conf.5.xml:1626 -#: sssd.conf.5.xml:1651 +#: sssd.conf.5.xml:1586 sssd.conf.5.xml:1655 sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1712 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1590 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -1852,12 +1922,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1607 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1610 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -1865,7 +1935,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1555 +#: sssd.conf.5.xml:1616 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1873,31 +1943,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1624 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1566 +#: sssd.conf.5.xml:1627 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1633 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1636 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1581 +#: sssd.conf.5.xml:1642 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1905,23 +1975,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1651 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 +#: sssd.conf.5.xml:1662 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 +#: sssd.conf.5.xml:1665 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1669 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1929,7 +1999,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1615 +#: sssd.conf.5.xml:1676 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1937,24 +2007,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 +#: sssd.conf.5.xml:1684 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1694 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1697 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1640 +#: sssd.conf.5.xml:1701 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1962,12 +2032,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1709 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 +#: sssd.conf.5.xml:1722 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -1977,7 +2047,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1731 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -1986,29 +2056,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1736 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1739 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1681 +#: sssd.conf.5.xml:1742 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1745 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1750 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -2016,7 +2086,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1695 +#: sssd.conf.5.xml:1756 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -2024,66 +2094,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1763 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1749 +#: sssd.conf.5.xml:1810 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1816 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1819 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1762 +#: sssd.conf.5.xml:1823 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1826 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1829 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1832 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1835 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1838 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1844 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1847 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -2091,62 +2161,97 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1792 sssd-ldap.5.xml:1196 sssd-ldap.5.xml:1238 -#: sssd-ldap.5.xml:1253 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1853 sssd-ldap.5.xml:1156 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1213 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1859 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1801 +#: sssd.conf.5.xml:1862 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1866 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1811 +#: sssd.conf.5.xml:1872 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1875 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1820 -msgid "case_sensitive (boolean)" +#: sssd.conf.5.xml:1881 +#, fuzzy +#| msgid "re_expression (string)" +msgid "case_sensitive (string)" +msgstr "re_expression (neudennad)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1889 +msgid "True" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1892 +msgid "Case sensitive. This value is invalid for AD provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1898 +msgid "False" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1900 +msgid "Case insensitive." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1904 +msgid "Preserving" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1907 +msgid "" +"Same as False (case insensitive), but does not lowercase names in the output " +"of getpwnam and getgrnam." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1884 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." +"not supported in the local provider. Possible option values are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1828 sssd-ldap.5.xml:1020 sssd-ad.5.xml:397 -msgid "Default: True" +#: sssd.conf.5.xml:1916 +msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1922 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 +#: sssd.conf.5.xml:1925 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -2155,22 +2260,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1851 +#: sssd.conf.5.xml:1939 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1950 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1951 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1854 +#: sssd.conf.5.xml:1942 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -2180,29 +2285,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1956 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1960 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1877 +#: sssd.conf.5.xml:1965 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1880 +#: sssd.conf.5.xml:1968 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:994 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2210,29 +2315,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1893 +#: sssd.conf.5.xml:1981 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1896 +#: sssd.conf.5.xml:1984 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1899 +#: sssd.conf.5.xml:1987 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1995 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1998 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2240,19 +2345,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1977 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1922 +#: sssd.conf.5.xml:2010 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:2012 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2260,73 +2365,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1931 +#: sssd.conf.5.xml:2019 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:2022 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1938 +#: sssd.conf.5.xml:2026 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1943 +#: sssd.conf.5.xml:2031 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2034 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:2039 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1956 +#: sssd.conf.5.xml:2044 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2047 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1963 sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2051 sssd.conf.5.xml:2063 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1968 +#: sssd.conf.5.xml:2056 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:2059 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1980 +#: sssd.conf.5.xml:2068 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1983 +#: sssd.conf.5.xml:2071 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2334,17 +2439,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:2079 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:2084 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1999 +#: sssd.conf.5.xml:2087 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2353,17 +2458,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2009 +#: sssd.conf.5.xml:2097 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2102 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2105 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2371,17 +2476,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2112 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2117 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2032 +#: sssd.conf.5.xml:2120 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2389,18 +2494,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2126 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2048 sssd-ldap.5.xml:2489 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:552 sssd-ad.5.xml:447 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:2136 sssd-ldap.5.xml:2476 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:552 sssd-ad.5.xml:792 sssd-krb5.5.xml:519 +#: sss_rpcidmapd.5.xml:98 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2142 #, no-wrap msgid "" "[sssd]\n" @@ -2430,7 +2536,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2050 +#: sssd.conf.5.xml:2138 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2576,7 +2682,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:645 sssd-ad.5.xml:212 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:632 sssd-ad.5.xml:212 msgid "Examples:" msgstr "" @@ -2776,7 +2882,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:830 msgid "Default: gidNumber" msgstr "" @@ -2827,60 +2933,45 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:341 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:344 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:866 sssd-ldap.5.xml:1103 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:354 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:344 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:880 +#: sssd-ldap.5.xml:349 sssd-ldap.5.xml:857 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:369 +#: sssd-ldap.5.xml:356 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:890 sssd-ldap.5.xml:1112 +#: sssd-ldap.5.xml:359 sssd-ldap.5.xml:867 sssd-ldap.5.xml:1072 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:894 sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:363 sssd-ldap.5.xml:871 sssd-ldap.5.xml:1079 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:382 +#: sssd-ldap.5.xml:369 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:385 +#: sssd-ldap.5.xml:372 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2889,17 +2980,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:382 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:401 +#: sssd-ldap.5.xml:388 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:391 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2908,17 +2999,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:413 +#: sssd-ldap.5.xml:400 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:419 +#: sssd-ldap.5.xml:406 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:422 +#: sssd-ldap.5.xml:409 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2927,17 +3018,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 +#: sssd-ldap.5.xml:418 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 +#: sssd-ldap.5.xml:424 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 +#: sssd-ldap.5.xml:427 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2946,17 +3037,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 +#: sssd-ldap.5.xml:437 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 +#: sssd-ldap.5.xml:443 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 +#: sssd-ldap.5.xml:446 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2965,17 +3056,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:469 +#: sssd-ldap.5.xml:456 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:475 +#: sssd-ldap.5.xml:462 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:478 +#: sssd-ldap.5.xml:465 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -2984,17 +3075,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:488 +#: sssd-ldap.5.xml:475 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:494 +#: sssd-ldap.5.xml:481 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:497 +#: sssd-ldap.5.xml:484 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -3002,155 +3093,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 +#: sssd-ldap.5.xml:490 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:509 +#: sssd-ldap.5.xml:496 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:512 +#: sssd-ldap.5.xml:499 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:518 +#: sssd-ldap.5.xml:505 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:524 +#: sssd-ldap.5.xml:511 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:519 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:538 +#: sssd-ldap.5.xml:525 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:528 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:546 +#: sssd-ldap.5.xml:533 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:552 +#: sssd-ldap.5.xml:539 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:542 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:547 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:553 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:556 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:573 sssd-ldap.5.xml:587 +#: sssd-ldap.5.xml:560 sssd-ldap.5.xml:574 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:579 +#: sssd-ldap.5.xml:566 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:582 +#: sssd-ldap.5.xml:569 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:593 +#: sssd-ldap.5.xml:580 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:583 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:601 +#: sssd-ldap.5.xml:588 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:607 +#: sssd-ldap.5.xml:594 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:597 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:614 +#: sssd-ldap.5.xml:601 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:620 +#: sssd-ldap.5.xml:607 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:623 +#: sssd-ldap.5.xml:610 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:628 +#: sssd-ldap.5.xml:615 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -3160,7 +3251,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:625 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -3168,46 +3259,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 +#: sssd-ldap.5.xml:635 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:638 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:642 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:645 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:655 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:671 +#: sssd-ldap.5.xml:658 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:662 +#, fuzzy +#| msgid "Default: true" +msgid "Default: sshPublicKey" +msgstr "Dre ziouer : true" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:668 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:671 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -3216,24 +3314,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:694 +#: sssd-ldap.5.xml:684 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 +#: sssd-ldap.5.xml:687 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:698 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 +#: sssd-ldap.5.xml:701 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -3241,53 +3339,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:707 msgid "Setting this option to zero will disable the cache cleanup operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:721 -msgid "Default: 10800 (12 hours)" -msgstr "" +#: sssd-ldap.5.xml:711 +#, fuzzy +#| msgid "Default: 120" +msgid "Default: 10800 (3 hours)" +msgstr "Dre ziouer : 120" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:727 +#: sssd-ldap.5.xml:717 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:730 +#: sssd-ldap.5.xml:720 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 sssd-ldap.5.xml:827 sssd-ldap.5.xml:1053 -#: sssd-ldap.5.xml:1144 sssd-ldap.5.xml:2084 sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:724 sssd-ldap.5.xml:817 sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1104 sssd-ldap.5.xml:2071 sssd-ldap.5.xml:2410 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:730 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:743 +#: sssd-ldap.5.xml:733 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:737 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:753 +#: sssd-ldap.5.xml:743 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:756 +#: sssd-ldap.5.xml:746 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -3295,14 +3395,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:763 +#: sssd-ldap.5.xml:753 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:758 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -3310,17 +3410,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:765 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:771 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:784 +#: sssd-ldap.5.xml:774 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -3328,14 +3428,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:790 +#: sssd-ldap.5.xml:780 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:785 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -3343,101 +3443,91 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:802 +#: sssd-ldap.5.xml:792 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:798 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 +#: sssd-ldap.5.xml:801 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:804 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:810 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:823 +#: sssd-ldap.5.xml:813 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:823 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:826 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:846 +#: sssd-ldap.5.xml:836 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:849 +#: sssd-ldap.5.xml:839 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:843 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:872 +#: sssd-ldap.5.xml:849 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:875 +#: sssd-ldap.5.xml:852 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:864 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:877 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:880 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:885 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -3445,17 +3535,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:914 +#: sssd-ldap.5.xml:891 msgid "Default: groupType in the AD provider, othewise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:921 +#: sssd-ldap.5.xml:898 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:924 +#: sssd-ldap.5.xml:901 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -3463,7 +3553,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:908 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -3473,7 +3563,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:940 +#: sssd-ldap.5.xml:917 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later it " @@ -3482,17 +3572,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:947 +#: sssd-ldap.5.xml:924 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:930 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:933 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3500,14 +3590,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:939 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 sssd-ldap.5.xml:994 +#: sssd-ldap.5.xml:944 sssd-ldap.5.xml:971 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3515,7 +3605,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:950 sssd-ldap.5.xml:977 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -3524,18 +3614,18 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 sssd-ldap.5.xml:1006 sssd-ldap.5.xml:1311 -#: sssd-ldap.5.xml:1332 sssd-ldap.5.xml:1838 include/ldap_id_mapping.xml:242 +#: sssd-ldap.5.xml:956 sssd-ldap.5.xml:983 sssd-ldap.5.xml:1271 +#: sssd-ldap.5.xml:1292 sssd-ldap.5.xml:1798 include/ldap_id_mapping.xml:242 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:985 +#: sssd-ldap.5.xml:962 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:988 +#: sssd-ldap.5.xml:965 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3543,184 +3633,173 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:989 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1015 +#: sssd-ldap.5.xml:992 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:997 sssd-ad.5.xml:742 sss_rpcidmapd.5.xml:76 +msgid "Default: True" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1003 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1006 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1009 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1013 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1019 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1045 +#: sssd-ldap.5.xml:1022 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1049 +#: sssd-ldap.5.xml:1026 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1059 +#: sssd-ldap.5.xml:1036 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1039 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 +#: sssd-ldap.5.xml:1043 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1047 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1053 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1056 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1116 +#: sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1076 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1086 +#: sssd-ldap.5.xml:1063 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1092 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1095 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1099 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1109 +#: sssd-ldap.5.xml:1069 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1088 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1091 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1097 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1100 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1110 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1113 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1117 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1123 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1166 +#: sssd-ldap.5.xml:1126 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1130 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1176 +#: sssd-ldap.5.xml:1136 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1141 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -3728,7 +3807,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1190 +#: sssd-ldap.5.xml:1150 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -3736,12 +3815,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1162 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1205 +#: sssd-ldap.5.xml:1165 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -3749,12 +3828,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1178 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1181 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -3765,12 +3844,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1204 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:1207 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -3778,12 +3857,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1219 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1262 +#: sssd-ldap.5.xml:1222 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -3792,34 +3871,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:1230 sssd-ldap.5.xml:2228 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1236 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1239 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1244 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1250 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1293 +#: sssd-ldap.5.xml:1253 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -3827,14 +3906,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1259 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1265 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -3842,17 +3921,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1277 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1280 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1323 +#: sssd-ldap.5.xml:1283 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -3862,12 +3941,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1298 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1301 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -3875,17 +3954,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1307 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1314 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1317 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -3893,13 +3972,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1323 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1327 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -3908,7 +3987,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1335 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -3916,26 +3995,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1348 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 +#: sssd-ldap.5.xml:1351 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1397 +#: sssd-ldap.5.xml:1357 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1361 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3943,7 +4022,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1368 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3951,7 +4030,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1374 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -3959,41 +4038,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1380 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1424 +#: sssd-ldap.5.xml:1384 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1390 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1393 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1438 sssd-ldap.5.xml:1456 sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1398 sssd-ldap.5.xml:1416 sssd-ldap.5.xml:1457 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1445 +#: sssd-ldap.5.xml:1405 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1408 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -4002,32 +4081,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1463 +#: sssd-ldap.5.xml:1423 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1466 +#: sssd-ldap.5.xml:1426 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1436 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1439 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1448 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1451 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -4035,24 +4114,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1504 +#: sssd-ldap.5.xml:1464 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1477 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1480 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -4060,17 +4139,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1486 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1496 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1499 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -4081,29 +4160,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1511 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1517 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1530 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1533 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -4112,17 +4191,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1541 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1547 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1590 +#: sssd-ldap.5.xml:1550 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -4130,49 +4209,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1556 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1562 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1565 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1570 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1576 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1619 +#: sssd-ldap.5.xml:1579 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1622 +#: sssd-ldap.5.xml:1582 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1628 +#: sssd-ldap.5.xml:1588 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1631 +#: sssd-ldap.5.xml:1591 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -4180,27 +4259,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1643 +#: sssd-ldap.5.xml:1603 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1606 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 sssd-ad.5.xml:383 +#: sssd-ldap.5.xml:1610 sssd-ad.5.xml:728 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 +#: sssd-ldap.5.xml:1619 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4212,7 +4291,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1671 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1631 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4220,7 +4299,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1636 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4228,39 +4307,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1645 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1688 +#: sssd-ldap.5.xml:1648 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1651 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1697 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1657 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1660 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1712 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1672 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1715 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1675 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4270,7 +4349,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1726 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1686 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4278,26 +4357,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1740 +#: sssd-ldap.5.xml:1700 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1703 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1708 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1753 +#: sssd-ldap.5.xml:1713 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4305,7 +4384,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1759 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4313,31 +4392,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1768 +#: sssd-ldap.5.xml:1728 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1736 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1739 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1743 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1788 +#: sssd-ldap.5.xml:1748 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4346,56 +4425,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1762 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 +#: sssd-ldap.5.xml:1765 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1809 +#: sssd-ldap.5.xml:1769 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1775 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1778 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1823 +#: sssd-ldap.5.xml:1783 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1789 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1792 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1804 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1847 +#: sssd-ldap.5.xml:1807 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4411,12 +4490,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1867 +#: sssd-ldap.5.xml:1827 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1870 +#: sssd-ldap.5.xml:1830 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4425,14 +4504,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1874 +#: sssd-ldap.5.xml:1834 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1839 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4441,24 +4520,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1887 sssd-ldap.5.xml:1944 +#: sssd-ldap.5.xml:1847 sssd-ldap.5.xml:1904 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1853 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1856 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:1860 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4466,19 +4545,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1907 +#: sssd-ldap.5.xml:1867 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1910 +#: sssd-ldap.5.xml:1870 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1875 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4487,7 +4566,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1922 +#: sssd-ldap.5.xml:1882 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4495,7 +4574,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1928 +#: sssd-ldap.5.xml:1888 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4504,7 +4583,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1897 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -4512,108 +4591,140 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1910 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1953 +#: sssd-ldap.5.xml:1913 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1917 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:1920 +msgid "" +"<emphasis>lockout</emphasis>: use account locking. If set, this option " +"denies access in case that ldap attribute 'pwdAccountLockedTime' is present " +"and has value of '000001010000Z'. Please see the option ldap_pwdlockout_dn." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1927 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1931 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1969 +#: sssd-ldap.5.xml:1936 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:1940 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1943 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1983 +#: sssd-ldap.5.xml:1950 +msgid "ldap_pwdlockout_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1953 +msgid "" +"This option specifies the DN of password policy entry on LDAP server. Please " +"note that absence of this option in sssd.conf in case of enabled account " +"lockout checking will yield access denied as ppolicy attributes on LDAP " +"server cannot be checked properly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1961 +msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1964 +msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1970 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:1973 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:1978 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:1982 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:1987 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2005 +#: sssd-ldap.5.xml:1992 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2010 +#: sssd-ldap.5.xml:1997 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2018 +#: sssd-ldap.5.xml:2005 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2008 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2012 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -4624,7 +4735,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2036 +#: sssd-ldap.5.xml:2023 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -4642,12 +4753,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2052 +#: sssd-ldap.5.xml:2039 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2054 +#: sssd-ldap.5.xml:2041 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -4655,208 +4766,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2052 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2055 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2071 +#: sssd-ldap.5.xml:2058 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2064 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2067 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2090 +#: sssd-ldap.5.xml:2077 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2080 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2097 +#: sssd-ldap.5.xml:2084 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2103 +#: sssd-ldap.5.xml:2090 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2093 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2111 +#: sssd-ldap.5.xml:2098 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2117 +#: sssd-ldap.5.xml:2104 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2120 +#: sssd-ldap.5.xml:2107 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2111 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2130 +#: sssd-ldap.5.xml:2117 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2133 +#: sssd-ldap.5.xml:2120 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2137 +#: sssd-ldap.5.xml:2124 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2143 +#: sssd-ldap.5.xml:2130 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2146 +#: sssd-ldap.5.xml:2133 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2150 +#: sssd-ldap.5.xml:2137 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2143 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2146 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2150 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2156 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2159 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2176 +#: sssd-ldap.5.xml:2163 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2182 +#: sssd-ldap.5.xml:2169 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2172 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2177 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2183 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2199 +#: sssd-ldap.5.xml:2186 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2203 +#: sssd-ldap.5.xml:2190 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:2196 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2199 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2204 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2209 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2215 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2218 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4864,101 +4975,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2237 +#: sssd-ldap.5.xml:2224 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2234 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2237 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2248 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2264 +#: sssd-ldap.5.xml:2251 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2256 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2315 -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2261 sssd-ldap.5.xml:2284 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2320 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2279 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2266 sssd-ldap.5.xml:2289 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2272 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2288 +#: sssd-ldap.5.xml:2275 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2293 +#: sssd-ldap.5.xml:2280 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2295 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2311 +#: sssd-ldap.5.xml:2298 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2326 +#: sssd-ldap.5.xml:2313 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2316 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2345 +#: sssd-ldap.5.xml:2332 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4967,91 +5078,91 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2342 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2344 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2350 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2366 +#: sssd-ldap.5.xml:2353 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2369 +#: sssd-ldap.5.xml:2356 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2376 +#: sssd-ldap.5.xml:2363 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2379 sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2392 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2369 sssd-ldap.5.xml:2396 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2376 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2379 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2382 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2402 +#: sssd-ldap.5.xml:2389 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2416 +#: sssd-ldap.5.xml:2403 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2419 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:2406 sssd-ldap.5.xml:2420 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2430 +#: sssd-ldap.5.xml:2417 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2437 +#: sssd-ldap.5.xml:2424 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2348 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -5060,37 +5171,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2434 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2441 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2459 +#: sssd-ldap.5.xml:2446 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2451 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2469 +#: sssd-ldap.5.xml:2456 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2461 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2449 +#: sssd-ldap.5.xml:2436 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -5098,7 +5209,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2491 +#: sssd-ldap.5.xml:2478 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -5106,7 +5217,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2484 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -5119,20 +5230,20 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2496 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 -#: sssd-ad.5.xml:455 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2483 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 +#: sssd-ad.5.xml:800 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2509 sssd_krb5_locator_plugin.8.xml:61 -#: sssd-simple.5.xml:148 sssd-ad.5.xml:470 sssd.8.xml:191 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2496 sssd_krb5_locator_plugin.8.xml:61 +#: sssd-simple.5.xml:148 sssd-ad.5.xml:815 sssd.8.xml:195 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2498 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5614,7 +5725,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:320 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:665 msgid "dyndns_update (boolean)" msgstr "" @@ -5629,7 +5740,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:334 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:679 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -5644,12 +5755,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:345 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:690 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:348 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:693 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -5670,12 +5781,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:359 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:704 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:362 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:707 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -5717,12 +5828,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:373 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:718 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:376 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:721 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -5730,12 +5841,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:389 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:734 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:392 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:737 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -5754,19 +5865,19 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:403 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:748 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:406 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:751 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:410 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:755 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -5860,7 +5971,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:359 sssd-ad.5.xml:776 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -5947,7 +6058,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 sssd-ad.5.xml:330 msgid "Default: 5 (seconds)" msgstr "" @@ -6401,9 +6512,376 @@ msgstr "" msgid "Default: permissive" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:320 +msgid "ad_gpo_cache_timeout (integer)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:323 msgid "" +"The amount of time between lookups of GPO policy files against the AD " +"server. This will reduce the latency and load on the AD server if there are " +"many access-control requests made in a short period." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:336 +msgid "ad_gpo_map_interactive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:339 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the InteractiveLogonRight and " +"DenyInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:354 +#, no-wrap +msgid "" +" ad_gpo_map_interactive = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:345 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>login</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:358 sssd-ad.5.xml:423 sssd-ad.5.xml:458 sssd-ad.5.xml:498 +#: sssd-ad.5.xml:559 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:362 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:367 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:372 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:377 +msgid "gdm-fingerprint" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:382 +msgid "gdm-password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:387 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:392 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:401 +msgid "ad_gpo_map_remote_interactive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:404 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the RemoteInteractiveLogonRight and " +"DenyRemoteInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:419 +#, no-wrap +msgid "" +" ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:410 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>sshd</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:427 +msgid "sshd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:436 +msgid "ad_gpo_map_network (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:439 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the NetworkLogonRight and " +"DenyNetworkLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:454 +#, no-wrap +msgid "" +" ad_gpo_map_network = +my_pam_service, -ftp\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>ftp</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:462 +msgid "ftp" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:467 +msgid "samba" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:476 +#, fuzzy +#| msgid "full_name_format (string)" +msgid "ad_gpo_map_batch (string)" +msgstr "full_name_format (neudennad)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:479 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " +"policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:494 +#, no-wrap +msgid "" +" ad_gpo_map_batch = +my_pam_service, -crond\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:485 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>crond</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:502 +msgid "crond" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:511 +msgid "ad_gpo_map_service (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:514 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the ServiceLogonRight and " +"DenyServiceLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:528 +#, no-wrap +msgid "" +" ad_gpo_map_service = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:520 sssd-ad.5.xml:585 +msgid "" +"It is possible to add a PAM service name to the default set by using <quote>" +"+service_name</quote>. Since the default set is empty, it is not possible " +"to remove a PAM service name from the default set. For example, in order to " +"add a custom pam service name (e.g. <quote>my_pam_service</quote>), you " +"would use the following configuration: <placeholder type=\"programlisting\" " +"id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:538 +msgid "ad_gpo_map_permit (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:541 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always granted, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:555 +#, no-wrap +msgid "" +" ad_gpo_map_permit = +my_pam_service, -sudo\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:546 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for unconditionally permitted " +"access (e.g. <quote>sudo</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:563 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:568 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:577 +msgid "ad_gpo_map_deny (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:580 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always denied, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:593 +#, no-wrap +msgid "" +" ad_gpo_map_deny = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:603 +msgid "ad_gpo_default_right (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:606 +msgid "" +"This option defines how access control is evaluated for PAM service names " +"that are not explicitly listed in one of the ad_gpo_map_* options. This " +"option can be set in two different manners. First, this option can be set to " +"use a default logon right. For example, if this option is set to " +"'interactive', it means that unmapped PAM service names will be processed " +"based on the InteractiveLogonRight and DenyInteractiveLogonRight policy " +"settings. Alternatively, this option can be set to either always permit or " +"always deny access for unmapped PAM service names." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:619 +msgid "Supported values for this option include:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:623 +msgid "interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:628 +msgid "remote_interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:633 +msgid "network" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:638 +msgid "batch" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:643 +msgid "service" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:648 +msgid "permit" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:653 +msgid "deny" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:659 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: deny" +msgstr "Dre ziouer : 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:668 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -6413,29 +6891,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:353 +#: sssd-ad.5.xml:698 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:712 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:419 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:764 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:422 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:767 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:449 +#: sssd-ad.5.xml:794 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6443,7 +6921,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:456 +#: sssd-ad.5.xml:801 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -6458,7 +6936,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:476 +#: sssd-ad.5.xml:821 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6467,7 +6945,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:817 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -6475,10 +6953,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:482 +#: sssd-ad.5.xml:827 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " -"configured, the default access provider is <quote>permit</quote>." +"configured, the default access provider is <quote>permit</quote>. Please " +"note that if you configure an access provider other than <quote>ad</quote>, " +"you need to set all the connection parameters (such as LDAP URIs and " +"encryption details) manually." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> @@ -6854,24 +7335,27 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." +"Tells the SSSD to simulate offline operation for the duration of the " +"<quote>offline_timeout</quote> parameter. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 +#: sssd.8.xml:182 msgid "SIGUSR2" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 +#: sssd.8.xml:185 msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." +"Tells the SSSD to go online immediately. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 +#: sssd.8.xml:197 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -8038,13 +8522,49 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:162 +#, fuzzy +#| msgid "" +#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" +#| "replaceable>" msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"<option>-h</option>,<option>--ssh-host</option> <replaceable>hostname</" "replaceable>" msgstr "" +"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" +"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:167 +msgid "Invalidate SSH public keys of a specific host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:173 +#, fuzzy +#| msgid "" +#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" +#| "replaceable>" +msgid "<option>-H</option>,<option>--ssh-hosts</option>" +msgstr "" +"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" +"replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:177 +msgid "" +"Invalidate SSH public keys of all hosts. This option overrides invalidation " +"of SSH public keys of specific host if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:185 +msgid "" +"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:190 msgid "Restrict invalidation process only to a particular domain." msgstr "" @@ -8341,6 +8861,147 @@ msgstr "" msgid "Default: not set. Only the default set of POSIX attributes is allowed." msgstr "" +#. type: Content of: <reference><refentry><refentryinfo> +#: sss_rpcidmapd.5.xml:8 +msgid "" +"<productname>sss rpc.idmapd plugin</productname> <author> <firstname>Noam</" +"firstname> <surname>Meltzer</surname> <affiliation> <orgname>Primary Data " +"Inc.</orgname> </affiliation> <contrib>Developer (2013-2014)</contrib> </" +"author> <author> <firstname>Noam</firstname> <surname>Meltzer</surname> " +"<contrib>Developer (2014-)</contrib> <email>tsnoam@gmail.com</email> </" +"author>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_rpcidmapd.5.xml:26 sss_rpcidmapd.5.xml:32 +#, fuzzy +#| msgid "sss_groupmod" +msgid "sss_rpcidmapd" +msgstr "sss_groupmod" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_rpcidmapd.5.xml:33 +msgid "sss plugin configuration directives for rpc.idmapd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:37 +msgid "CONFIGURATION FILE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:39 +msgid "" +"rpc.idmapd configuration file is usually found at <emphasis>/etc/idmapd." +"conf</emphasis>. See <citerefentry> <refentrytitle>idmapd.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more information." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:49 +msgid "SSS CONFIGURATION EXTENSION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:51 +msgid "Enable SSS plugin" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:53 +msgid "" +"In section <quote>[Translation]</quote>, modify/set <quote>Method</quote> " +"attribute to contain <emphasis>sss</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:59 +#, fuzzy +#| msgid "The [sssd] section" +msgid "[sss] config section" +msgstr "Ar rann [sssd]" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:61 +msgid "" +"In order to change the default of one of the configuration attributes of the " +"<emphasis>sss</emphasis> plugin listed below you will need to create a " +"config section for it, named <quote>[sss]</quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> +#: sss_rpcidmapd.5.xml:67 +msgid "Configuration attributes" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sss_rpcidmapd.5.xml:69 +msgid "memcache (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sss_rpcidmapd.5.xml:72 +msgid "Indicates whether or not to use memcache optimisation technique." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:85 +msgid "SSSD INTEGRATION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:87 +msgid "" +"The sss plugin requires the <emphasis>NSS Responder</emphasis> to be enabled " +"in sssd." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:91 +msgid "" +"The attribute <quote>use_fully_qualified_names</quote> must be enabled on " +"all domains (NFSv4 clients expect a fully qualified name to be sent on the " +"wire)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_rpcidmapd.5.xml:103 +#, no-wrap +msgid "" +"[General]\n" +"Verbosity = 2\n" +"# domain must be synced between NFSv4 server and clients\n" +"# Solaris/Illumos/AIX use \"localdomain\" as default!\n" +"Domain = default\n" +"\n" +"[Mapping]\n" +"Nobody-User = nfsnobody\n" +"Nobody-Group = nfsnobody\n" +"\n" +"[Translation]\n" +"Method = sss\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:100 +msgid "" +"The following example shows a minimal idmapd.conf which makes use of the sss " +"plugin. <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <refsect1><title> +#: sss_rpcidmapd.5.xml:120 include/seealso.xml:2 +msgid "SEE ALSO" +msgstr "GWELET IVEZ" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:122 +msgid "" +"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>idmapd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>" +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 msgid "sss_ssh_authorizedkeys" @@ -9171,11 +9832,6 @@ msgid "" "local LDB storage to store users and groups." msgstr "" -#. type: Content of: <refsect1><title> -#: include/seealso.xml:2 -msgid "SEE ALSO" -msgstr "GWELET IVEZ" - #. type: Content of: <refsect1><para> #: include/seealso.xml:4 msgid "" @@ -9216,7 +9872,9 @@ msgid "" "manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> " "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>. <citerefentry> " +"<refentrytitle>sss_rpcidmapd</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>" msgstr "" #. type: Content of: <listitem><para> diff --git a/src/man/po/ca.po b/src/man/po/ca.po index b488e461d..2c44d17d2 100644 --- a/src/man/po/ca.po +++ b/src/man/po/ca.po @@ -13,7 +13,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2014-07-09 19:18+0300\n" +"POT-Creation-Date: 2014-09-08 20:55+0300\n" "PO-Revision-Date: 2014-06-04 18:04+0000\n" "Last-Translator: jhrozek <jhrozek@redhat.com>\n" "Language-Team: Catalan (http://www.transifex.com/projects/p/sssd/language/" @@ -31,8 +31,8 @@ msgstr "" #: sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 #: sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 #: sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5 -#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_ssh_authorizedkeys.1.xml:5 -#: sss_ssh_knownhostsproxy.1.xml:5 +#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_rpcidmapd.5.xml:5 +#: sss_ssh_authorizedkeys.1.xml:5 sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" msgstr "Pàgines de manual de l'SSSD" @@ -141,14 +141,14 @@ msgstr "sssd.conf" #. type: Content of: <reference><refentry><refmeta><manvolnum> #: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 #: sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11 -#: sssd-ifp.5.xml:11 +#: sssd-ifp.5.xml:11 sss_rpcidmapd.5.xml:27 msgid "5" msgstr "5" #. type: Content of: <reference><refentry><refmeta><refmiscinfo> #: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 #: sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12 -#: sssd-ifp.5.xml:12 +#: sssd-ifp.5.xml:12 sss_rpcidmapd.5.xml:28 msgid "File Formats and Conventions" msgstr "Formats de fitxer i convencions" @@ -255,11 +255,11 @@ msgid "Add a timestamp to the debug messages" msgstr "Afegir una marca de temps als missatges de depuració" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:79 sssd.conf.5.xml:511 sssd.conf.5.xml:873 -#: sssd-ldap.5.xml:1637 sssd-ldap.5.xml:1734 sssd-ldap.5.xml:1796 -#: sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2320 sssd-ldap.5.xml:2338 +#: sssd.conf.5.xml:79 sssd.conf.5.xml:554 sssd.conf.5.xml:916 +#: sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1756 +#: sssd-ldap.5.xml:2242 sssd-ldap.5.xml:2307 sssd-ldap.5.xml:2325 #: sssd-ipa.5.xml:356 sssd-ipa.5.xml:391 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:339 sssd-ad.5.xml:428 sssd-krb5.5.xml:490 +#: sssd-ad.5.xml:684 sssd-ad.5.xml:773 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "Per defecte: true" @@ -274,16 +274,16 @@ msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:90 sssd.conf.5.xml:827 sssd.conf.5.xml:1845 -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:1511 sssd-ldap.5.xml:1530 -#: sssd-ldap.5.xml:1706 sssd-ldap.5.xml:2042 sssd-ipa.5.xml:139 +#: sssd.conf.5.xml:90 sssd.conf.5.xml:870 sssd.conf.5.xml:1933 +#: sssd-ldap.5.xml:678 sssd-ldap.5.xml:1471 sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1666 sssd-ldap.5.xml:2029 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:503 sssd-krb5.5.xml:257 #: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" msgstr "Per defecte: false" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2063 +#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2050 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" @@ -305,7 +305,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1382 +#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1342 msgid "Default: 10" msgstr "Per defecte: 10" @@ -320,7 +320,7 @@ msgid "The [sssd] section" msgstr "La secció [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:2017 msgid "Section parameters" msgstr "Paràmetres de la secció" @@ -361,12 +361,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:161 sssd.conf.5.xml:345 +#: sssd.conf.5.xml:161 sssd.conf.5.xml:370 msgid "reconnection_retries (integer)" msgstr "reconnection_retries (Enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:164 sssd.conf.5.xml:348 +#: sssd.conf.5.xml:164 sssd.conf.5.xml:373 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" @@ -375,7 +375,7 @@ msgstr "" "caiguda del Proveïdor de Dades o reiniciar abans de donar-se per vençuts" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:353 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:378 msgid "Default: 3" msgstr "Per defecte: 3" @@ -395,7 +395,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 sssd.conf.5.xml:1658 +#: sssd.conf.5.xml:189 sssd.conf.5.xml:1719 msgid "re_expression (string)" msgstr "re_expression (cadena)" @@ -415,12 +415,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:206 sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:206 sssd.conf.5.xml:1770 msgid "full_name_format (string)" msgstr "full_name_format (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:209 sssd.conf.5.xml:1773 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -428,39 +428,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:220 sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:220 sssd.conf.5.xml:1784 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:221 sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:221 sssd.conf.5.xml:1785 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:224 sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:224 sssd.conf.5.xml:1788 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:227 sssd.conf.5.xml:1730 +#: sssd.conf.5.xml:227 sssd.conf.5.xml:1791 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:233 sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:233 sssd.conf.5.xml:1797 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:236 sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:236 sssd.conf.5.xml:1800 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:217 sssd.conf.5.xml:1781 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -571,12 +571,44 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:319 sssd-ldap.5.xml:662 sssd-ldap.5.xml:1470 -#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1564 sssd-krb5.5.xml:401 -#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214 +#: sssd.conf.5.xml:319 sssd-ldap.5.xml:649 sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1442 sssd-ldap.5.xml:1524 sssd-ad.5.xml:532 +#: sssd-ad.5.xml:597 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203 +#: include/ldap_id_mapping.xml:214 msgid "Default: not set" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:324 +#, fuzzy +#| msgid "userdel_cmd (string)" +msgid "override_space (string)" +msgstr "userdel_cmd (cadena)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:327 +msgid "" +"This parameter will replace spaces (space bar) with the given character for " +"user and group names. e.g. (_). User name "john doe" will be " +""john_doe" This feature was added to help compatibility with shell " +"scripts that have difficulty handling spaces, due to the default field " +"separator in the shell." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:336 +msgid "" +"Please note it is a configuration error to use a replacement character that " +"might be used in user or group names. If a name contains the replacement " +"character SSSD tries to return the unmodified name but in general the result " +"of a lookup is undefined." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:344 +msgid "Default: not set (spaces will not be replaced)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:126 msgid "" @@ -595,12 +627,12 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:355 msgid "SERVICES SECTIONS" msgstr "SECCIONS DE SERVEIS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:332 +#: sssd.conf.5.xml:357 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -613,22 +645,22 @@ msgstr "" "quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:364 msgid "General service configuration options" msgstr "Opcions de configuració del servei general" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:341 +#: sssd.conf.5.xml:366 msgid "These options can be used to configure any service." msgstr "Aquestes opcions es poden utilitzar per a configurar qualsevol servei." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:383 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:361 +#: sssd.conf.5.xml:386 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -638,17 +670,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:370 +#: sssd.conf.5.xml:395 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:375 +#: sssd.conf.5.xml:400 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:378 +#: sssd.conf.5.xml:403 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -656,19 +688,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:385 sssd.conf.5.xml:401 sssd.conf.5.xml:415 -#: sssd.conf.5.xml:632 sssd.conf.5.xml:792 sssd.conf.5.xml:1068 -#: sssd-ldap.5.xml:1212 +#: sssd.conf.5.xml:410 sssd.conf.5.xml:426 sssd.conf.5.xml:458 +#: sssd.conf.5.xml:675 sssd.conf.5.xml:835 sssd.conf.5.xml:1111 +#: sssd-ldap.5.xml:1172 msgid "Default: 60" msgstr "Per defecte: 60" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:415 sssd.conf.5.xml:1100 msgid "force_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:393 sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1103 msgid "" "If a service is not responding to ping checks (see the <quote>timeout</" "quote> option), it is first sent the SIGTERM signal that instructs it to " @@ -678,25 +710,50 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 +#: sssd.conf.5.xml:431 msgid "offline_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:409 +#: sssd.conf.5.xml:434 +msgid "" +"When SSSD switches to offline mode the amount of time before it tries to go " +"back online will increase based upon the time spent disconnected. This " +"value is in seconds and calculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:441 +msgid "offline_timeout + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:444 +msgid "" +"The random offset can increment up to 30 seconds. After each unsuccessful " +"attempt to go online, the new interval is recalculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:449 +msgid "new_interval = old_interval*2 + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:452 msgid "" -"If SSSD is in offline mode, and last attempt to go online was less than " -"number of seconds specified in this option ago, new requests for data will " -"not result in attempt to go online." +"Note that the maximum length of each interval is currently limited to one " +"hour. If the calculated length of new_interval is greater than an hour, it " +"will be forced to one hour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:467 msgid "NSS configuration options" msgstr "Opcions de configuració d'NSS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:426 +#: sssd.conf.5.xml:469 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" @@ -704,12 +761,12 @@ msgstr "" "servei de nom (NSS)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:431 +#: sssd.conf.5.xml:474 msgid "enum_cache_timeout (integer)" msgstr "enum_cache_timeout (Enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:434 +#: sssd.conf.5.xml:477 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" @@ -718,17 +775,17 @@ msgstr "" "(peticions d'informació sobre tots els usuaris)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:481 msgid "Default: 120" msgstr "Per defecte: 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:443 +#: sssd.conf.5.xml:486 msgid "entry_cache_nowait_percentage (integer)" msgstr "entry_cache_nowait_percentage (Enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:446 +#: sssd.conf.5.xml:489 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -739,7 +796,7 @@ msgstr "" "valor entry_cache_timeout per al domini." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:452 +#: sssd.conf.5.xml:495 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -755,7 +812,7 @@ msgstr "" "peticions que esperen per a una actualització de la memòria cau." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:462 +#: sssd.conf.5.xml:505 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -768,17 +825,17 @@ msgstr "" "(0 desactiva aquesta característica)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:470 +#: sssd.conf.5.xml:513 msgid "Default: 50" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:518 msgid "entry_negative_timeout (integer)" msgstr "entry_negative_timeout (Enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:478 +#: sssd.conf.5.xml:521 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -790,17 +847,17 @@ msgstr "" "altra vegada." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:484 sssd.conf.5.xml:851 +#: sssd.conf.5.xml:527 sssd.conf.5.xml:894 msgid "Default: 15" msgstr "Per defecte: 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:489 +#: sssd.conf.5.xml:532 msgid "filter_users, filter_groups (string)" msgstr "filter_users, filter_groups (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:492 +#: sssd.conf.5.xml:535 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set per-" @@ -809,17 +866,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:499 +#: sssd.conf.5.xml:542 msgid "Default: root" msgstr "Per defecte: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:504 +#: sssd.conf.5.xml:547 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:507 +#: sssd.conf.5.xml:550 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -827,25 +884,25 @@ msgstr "" "aquesta opció a false." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:561 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:521 +#: sssd.conf.5.xml:564 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:569 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:532 +#: sssd.conf.5.xml:575 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -853,22 +910,22 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:530 include/override_homedir.xml:51 +#: sssd.conf.5.xml:573 include/override_homedir.xml:51 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:579 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:542 +#: sssd.conf.5.xml:585 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:545 +#: sssd.conf.5.xml:588 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -876,138 +933,138 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 +#: sssd.conf.5.xml:594 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:557 +#: sssd.conf.5.xml:600 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:560 +#: sssd.conf.5.xml:603 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:563 +#: sssd.conf.5.xml:606 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:567 +#: sssd.conf.5.xml:610 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:572 +#: sssd.conf.5.xml:615 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:577 +#: sssd.conf.5.xml:620 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:580 +#: sssd.conf.5.xml:623 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:627 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:589 +#: sssd.conf.5.xml:632 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:592 +#: sssd.conf.5.xml:635 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:597 +#: sssd.conf.5.xml:640 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:643 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:604 +#: sssd.conf.5.xml:647 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:652 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:655 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:618 +#: sssd.conf.5.xml:661 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:625 sssd.conf.5.xml:785 +#: sssd.conf.5.xml:668 sssd.conf.5.xml:828 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 sssd.conf.5.xml:788 +#: sssd.conf.5.xml:671 sssd.conf.5.xml:831 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:637 +#: sssd.conf.5.xml:680 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:640 +#: sssd.conf.5.xml:683 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 sssd-ldap.5.xml:702 +#: sssd.conf.5.xml:687 sssd-ldap.5.xml:692 msgid "Default: 300" msgstr "Per defecte: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:651 +#: sssd.conf.5.xml:694 msgid "PAM configuration options" msgstr "Opcions de configuració de PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:653 +#: sssd.conf.5.xml:696 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1016,12 +1073,12 @@ msgstr "" "Authentication Module (PAM)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:701 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (Enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:704 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1031,17 +1088,17 @@ msgstr "" "de sessió)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 sssd.conf.5.xml:679 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:722 msgid "Default: 0 (No limit)" msgstr "Per defecte: 0 (sense límit)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:672 +#: sssd.conf.5.xml:715 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (Enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:675 +#: sssd.conf.5.xml:718 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1050,12 +1107,12 @@ msgstr "" "fallits es permet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:685 +#: sssd.conf.5.xml:728 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (Enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:688 +#: sssd.conf.5.xml:731 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1065,7 +1122,7 @@ msgstr "" "possible." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:693 +#: sssd.conf.5.xml:736 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1073,17 +1130,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 sssd.conf.5.xml:752 +#: sssd.conf.5.xml:742 sssd.conf.5.xml:795 msgid "Default: 5" msgstr "Per defecte: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:705 +#: sssd.conf.5.xml:748 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (Enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:751 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1092,43 +1149,43 @@ msgstr "" "autenticació. Com més gran sigui el nombre més missatges es mostren." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:713 +#: sssd.conf.5.xml:756 msgid "Currently sssd supports the following values:" msgstr "L'Sssd suporta actualment els següents valors:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:716 +#: sssd.conf.5.xml:759 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: no mostris cap missatge" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:719 +#: sssd.conf.5.xml:762 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: Mostra només missatges importants" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:723 +#: sssd.conf.5.xml:766 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: Mostra missatges informatius" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:769 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: Mostra tots els missatges i informació de depuració" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:730 sssd.8.xml:63 +#: sssd.conf.5.xml:773 sssd.8.xml:63 msgid "Default: 1" msgstr "Per defecte: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:735 +#: sssd.conf.5.xml:778 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (Enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:738 +#: sssd.conf.5.xml:781 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1140,7 +1197,7 @@ msgstr "" "l'última informació." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:744 +#: sssd.conf.5.xml:787 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1154,17 +1211,17 @@ msgstr "" "proveïdor d'identitat." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:758 +#: sssd.conf.5.xml:801 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:761 sssd.conf.5.xml:1235 +#: sssd.conf.5.xml:804 sssd.conf.5.xml:1292 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:807 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1172,31 +1229,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 sssd.conf.5.xml:1238 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1295 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:818 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 sssd.8.xml:79 +#: sssd.conf.5.xml:823 sssd.8.xml:79 msgid "Default: 0" msgstr "Per defecte: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:800 +#: sssd.conf.5.xml:843 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:845 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1207,34 +1264,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:862 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:822 +#: sssd.conf.5.xml:865 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:878 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:880 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:884 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:887 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1242,51 +1299,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:903 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:862 +#: sssd.conf.5.xml:905 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:866 +#: sssd.conf.5.xml:909 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:869 +#: sssd.conf.5.xml:912 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:921 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:881 +#: sssd.conf.5.xml:924 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:928 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:893 +#: sssd.conf.5.xml:936 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:938 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1298,7 +1355,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:904 +#: sssd.conf.5.xml:947 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1309,24 +1366,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:955 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:961 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:922 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:965 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:968 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1334,12 +1391,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:974 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:978 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1348,17 +1405,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:949 +#: sssd.conf.5.xml:992 msgid "DOMAIN SECTIONS" msgstr "SECCIONS DE DOMINI" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:999 msgid "min_id,max_id (integer)" msgstr "min_id, max_id (Enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:1002 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -1367,7 +1424,7 @@ msgstr "" "fora d'aquests límits, s'ignora." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 +#: sssd.conf.5.xml:1007 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1380,24 +1437,24 @@ msgstr "" "com s'esperava." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1014 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:1018 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Per defecte: 1 per a min_id, 0 (sense límit) per a max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:981 +#: sssd.conf.5.xml:1024 msgid "enumerate (bool)" msgstr "enumerate (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:984 +#: sssd.conf.5.xml:1027 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" @@ -1406,23 +1463,23 @@ msgstr "" "valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:988 +#: sssd.conf.5.xml:1031 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = Els usuaris i grups s'enumeren" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 +#: sssd.conf.5.xml:1034 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = Cap enumeració per a aquest domini" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 sssd.conf.5.xml:1212 sssd.conf.5.xml:1321 -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1037 sssd.conf.5.xml:1269 sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1395 msgid "Default: FALSE" msgstr "Per defecte: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1040 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1434,7 +1491,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1053 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -1444,7 +1501,7 @@ msgstr "" "finalitzi." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1015 +#: sssd.conf.5.xml:1058 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1458,39 +1515,39 @@ msgstr "" "ús." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1023 +#: sssd.conf.5.xml:1066 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1074 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1081 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1082 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1085 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1086 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1077 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -1499,17 +1556,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd-ldap.5.xml:1765 +#: sssd.conf.5.xml:1094 sssd-ldap.5.xml:1725 msgid "Default: none" msgstr "Per defecte: none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1117 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (Enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1077 +#: sssd.conf.5.xml:1120 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -1518,7 +1575,7 @@ msgstr "" "demanar al rerefons una altra vegada" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1124 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -1529,139 +1586,154 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1094 +#: sssd.conf.5.xml:1137 msgid "Default: 5400" msgstr "Per defecte: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1100 +#: sssd.conf.5.xml:1143 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1103 +#: sssd.conf.5.xml:1146 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 sssd.conf.5.xml:1120 sssd.conf.5.xml:1133 -#: sssd.conf.5.xml:1146 sssd.conf.5.xml:1159 sssd.conf.5.xml:1173 +#: sssd.conf.5.xml:1150 sssd.conf.5.xml:1163 sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1202 sssd.conf.5.xml:1216 +#: sssd.conf.5.xml:1230 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1156 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1116 +#: sssd.conf.5.xml:1159 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1169 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1172 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1182 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1142 +#: sssd.conf.5.xml:1185 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1195 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1198 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1208 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1211 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1222 +#, fuzzy +#| msgid "entry_cache_timeout (integer)" +msgid "entry_cache_ssh_host_timeout (integer)" +msgstr "entry_cache_timeout (Enter)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1225 +msgid "" +"How many seconds to keep a host ssh key after refresh. IE how long to cache " +"the host key for." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1236 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1239 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1187 +#: sssd.conf.5.xml:1244 msgid "Currently only refreshing expired netgroups is supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1248 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1195 sssd-ipa.5.xml:221 +#: sssd.conf.5.xml:1252 sssd-ipa.5.xml:221 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1201 +#: sssd.conf.5.xml:1258 msgid "cache_credentials (bool)" msgstr "cache_credentials (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1261 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Determina si les credencials d'usuari també són emmagatzemades en la memòria " "cau local de LDB" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1208 +#: sssd.conf.5.xml:1265 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1217 +#: sssd.conf.5.xml:1274 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (Enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1220 +#: sssd.conf.5.xml:1277 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1674,17 +1746,17 @@ msgstr "" "ha de ser superior o igual a offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1284 msgid "Default: 0 (unlimited)" msgstr "Per defecte: 0 (sense límit)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1232 +#: sssd.conf.5.xml:1289 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1243 +#: sssd.conf.5.xml:1300 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1693,33 +1765,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1307 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1256 +#: sssd.conf.5.xml:1313 msgid "id_provider (string)" msgstr "id_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1259 +#: sssd.conf.5.xml:1316 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1320 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:1441 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 +#: sssd.conf.5.xml:1327 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1727,8 +1799,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 sssd.conf.5.xml:1364 sssd.conf.5.xml:1415 -#: sssd.conf.5.xml:1468 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1421 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1529 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1737,8 +1809,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1373 sssd.conf.5.xml:1424 -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1344 sssd.conf.5.xml:1430 sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1538 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1746,19 +1818,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1355 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1301 +#: sssd.conf.5.xml:1358 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1363 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1771,7 +1843,7 @@ msgstr "" "trobaria l'usuari mentre que <command>getent passwd test@LOCAL</command> si." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1371 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -1779,17 +1851,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1326 +#: sssd.conf.5.xml:1383 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1329 +#: sssd.conf.5.xml:1386 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1332 +#: sssd.conf.5.xml:1389 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -1797,12 +1869,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1343 +#: sssd.conf.5.xml:1400 msgid "auth_provider (string)" msgstr "auth_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1346 +#: sssd.conf.5.xml:1403 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -1811,7 +1883,7 @@ msgstr "" "d'autenticació suportats són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1469 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1822,7 +1894,7 @@ msgstr "" "manvolnum></citerefentry> per a més informació sobre configuració d'LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1414 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1833,7 +1905,7 @@ msgstr "" "manvolnum></citerefentry> per a més informació sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1438 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -1841,12 +1913,12 @@ msgstr "" "de PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1445 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> impossibilita l'autenticació explícitament." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1387 +#: sssd.conf.5.xml:1448 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -1855,12 +1927,12 @@ msgstr "" "gestionar les sol·licituds d'autenticació." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1393 +#: sssd.conf.5.xml:1454 msgid "access_provider (string)" msgstr "access_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1396 +#: sssd.conf.5.xml:1457 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1871,19 +1943,19 @@ msgstr "" "instal·lats) Els proveïdors especials interns són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1463 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1466 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> sempre denega l'accés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1493 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1896,17 +1968,17 @@ msgstr "" "configuració del mòdul d'accés simple." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1439 +#: sssd.conf.5.xml:1500 msgid "Default: <quote>permit</quote>" msgstr "Per defecte: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1444 +#: sssd.conf.5.xml:1505 msgid "chpass_provider (string)" msgstr "chpass_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1508 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -1915,7 +1987,7 @@ msgstr "" "al domini. Els proveïdors de canvi de contrasenya compatibles són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1452 +#: sssd.conf.5.xml:1513 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1927,7 +1999,7 @@ msgstr "" "configuració d'LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1521 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1938,7 +2010,7 @@ msgstr "" "manvolnum></citerefentry> per a més informació sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1546 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -1946,12 +2018,12 @@ msgstr "" "objectiu de PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1550 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> rebutja els canvis de contrasenya explícitament." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1553 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -1960,17 +2032,17 @@ msgstr "" "gestionar peticions de canvi de contrasenya." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1560 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1563 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1506 +#: sssd.conf.5.xml:1567 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1978,32 +2050,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1514 +#: sssd.conf.5.xml:1575 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1579 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1522 +#: sssd.conf.5.xml:1583 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1525 sssd.conf.5.xml:1594 sssd.conf.5.xml:1626 -#: sssd.conf.5.xml:1651 +#: sssd.conf.5.xml:1586 sssd.conf.5.xml:1655 sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1712 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1590 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2014,12 +2086,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1607 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1610 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2027,7 +2099,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1555 +#: sssd.conf.5.xml:1616 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2035,31 +2107,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1624 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1566 +#: sssd.conf.5.xml:1627 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1633 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1636 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1581 +#: sssd.conf.5.xml:1642 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2067,23 +2139,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1651 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 +#: sssd.conf.5.xml:1662 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 +#: sssd.conf.5.xml:1665 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1669 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2091,7 +2163,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1615 +#: sssd.conf.5.xml:1676 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2099,24 +2171,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 +#: sssd.conf.5.xml:1684 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1694 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1697 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1640 +#: sssd.conf.5.xml:1701 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2124,12 +2196,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1709 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 +#: sssd.conf.5.xml:1722 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -2139,7 +2211,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1731 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -2148,29 +2220,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1736 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1739 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1681 +#: sssd.conf.5.xml:1742 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1745 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1750 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -2181,7 +2253,7 @@ msgstr "" "quote> , el domini tot el que ve després\"" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1695 +#: sssd.conf.5.xml:1756 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -2189,7 +2261,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1763 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." @@ -2198,17 +2270,17 @@ msgstr "" "sintaxi Python (?P <name>) a l'etiqueta subpatterns." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1749 +#: sssd.conf.5.xml:1810 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Per defecte: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1816 msgid "lookup_family_order (string)" msgstr "lookup_family_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1819 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -2217,42 +2289,42 @@ msgstr "" "realitzar cerques de DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1762 +#: sssd.conf.5.xml:1823 msgid "Supported values:" msgstr "Valors admesos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1826 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "ipv4_first: Intenta resoldre l'adreça IPv4, si falla, intenta IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1829 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "ipv4_only: Intenta resoldre només noms màquina a adreces IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1832 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "ipv6_first: Intenta resoldre l'adreça IPv6, si falla, intenta IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1835 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "ipv6_only: Intenta resoldre només noms màquina a adreces IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1838 msgid "Default: ipv4_first" msgstr "Per defecte: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1844 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1847 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -2263,18 +2335,18 @@ msgstr "" "aquest temps d'espera, el domini seguirà operant en el mode fora de línia." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1792 sssd-ldap.5.xml:1196 sssd-ldap.5.xml:1238 -#: sssd-ldap.5.xml:1253 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1853 sssd-ldap.5.xml:1156 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1213 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "Per defecte: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1859 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1801 +#: sssd.conf.5.xml:1862 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -2283,44 +2355,79 @@ msgstr "" "del domini de la consulta DNS del servei de descobriment." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1866 msgid "Default: Use the domain part of machine's hostname" msgstr "Per defecte: Utilitza la part del domini del nom de màquina" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1811 +#: sssd.conf.5.xml:1872 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1875 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1820 -msgid "case_sensitive (boolean)" +#: sssd.conf.5.xml:1881 +#, fuzzy +#| msgid "ldap_user_shadow_inactive (string)" +msgid "case_sensitive (string)" +msgstr "ldap_user_shadow_inactive (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1889 +msgid "True" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1892 +msgid "Case sensitive. This value is invalid for AD provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1898 +msgid "False" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1900 +msgid "Case insensitive." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1904 +msgid "Preserving" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1907 +msgid "" +"Same as False (case insensitive), but does not lowercase names in the output " +"of getpwnam and getgrnam." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1884 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." +"not supported in the local provider. Possible option values are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1828 sssd-ldap.5.xml:1020 sssd-ad.5.xml:397 -msgid "Default: True" +#: sssd.conf.5.xml:1916 +msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1922 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 +#: sssd.conf.5.xml:1925 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -2329,22 +2436,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1851 +#: sssd.conf.5.xml:1939 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1950 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1951 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1854 +#: sssd.conf.5.xml:1942 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -2354,29 +2461,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1956 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1960 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1877 +#: sssd.conf.5.xml:1965 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1880 +#: sssd.conf.5.xml:1968 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:994 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2387,17 +2494,17 @@ msgstr "" "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1893 +#: sssd.conf.5.xml:1981 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1896 +#: sssd.conf.5.xml:1984 msgid "The proxy target PAM proxies to." msgstr "El servidor intermediari on re-envia PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1899 +#: sssd.conf.5.xml:1987 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -2406,12 +2513,12 @@ msgstr "" "de pam existent o crear-ne una de nova i afegir aquí el nom del servei." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1995 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1998 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2422,7 +2529,7 @@ msgstr "" "$(libName)_$(function), per exemple _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1977 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -2431,12 +2538,12 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1922 +#: sssd.conf.5.xml:2010 msgid "The local domain section" msgstr "La secció de domini local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:2012 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2447,29 +2554,29 @@ msgstr "" "<replaceable>id_provider = local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1931 +#: sssd.conf.5.xml:2019 msgid "default_shell (string)" msgstr "default_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:2022 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "L'intèrpret d'ordres per defecte per als usuaris creats amb eines SSSD " "d'espai d'usuari." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1938 +#: sssd.conf.5.xml:2026 msgid "Default: <filename>/bin/bash</filename>" msgstr "Per defecte: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1943 +#: sssd.conf.5.xml:2031 msgid "base_directory (string)" msgstr "base_directory (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2034 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -2478,46 +2585,46 @@ msgstr "" "replaceable> i utilitzen això com el directori d'usuari." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:2039 msgid "Default: <filename>/home</filename>" msgstr "Per defecte: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1956 +#: sssd.conf.5.xml:2044 msgid "create_homedir (bool)" msgstr "create_homedir (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2047 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1963 sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2051 sssd.conf.5.xml:2063 msgid "Default: TRUE" msgstr "Per defecte: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1968 +#: sssd.conf.5.xml:2056 msgid "remove_homedir (bool)" msgstr "remove_homedir (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:2059 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1980 +#: sssd.conf.5.xml:2068 msgid "homedir_umask (integer)" msgstr "homedir_umask (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1983 +#: sssd.conf.5.xml:2071 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2528,17 +2635,17 @@ msgstr "" "defecte en un directori personal acabat de crear." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:2079 msgid "Default: 077" msgstr "Per defecte: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:2084 msgid "skel_dir (string)" msgstr "skel_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1999 +#: sssd.conf.5.xml:2087 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2551,17 +2658,17 @@ msgstr "" "manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2009 +#: sssd.conf.5.xml:2097 msgid "Default: <filename>/etc/skel</filename>" msgstr "Per defecte: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2102 msgid "mail_dir (string)" msgstr "mail_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2105 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2572,17 +2679,17 @@ msgstr "" "s'especifica, s'utilitzarà un valor per defecte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2112 msgid "Default: <filename>/var/mail</filename>" msgstr "Per defecte: <filename>/var/correu</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2117 msgid "userdel_cmd (string)" msgstr "userdel_cmd (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2032 +#: sssd.conf.5.xml:2120 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2593,18 +2700,19 @@ msgstr "" "té en compte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2126 msgid "Default: None, no command is run" msgstr "Per defecte: Cap, no s'executa cap comanda" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2048 sssd-ldap.5.xml:2489 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:552 sssd-ad.5.xml:447 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:2136 sssd-ldap.5.xml:2476 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:552 sssd-ad.5.xml:792 sssd-krb5.5.xml:519 +#: sss_rpcidmapd.5.xml:98 msgid "EXAMPLE" msgstr "EXEMPLE" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2142 #, no-wrap msgid "" "[sssd]\n" @@ -2659,7 +2767,7 @@ msgstr "" "\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2050 +#: sssd.conf.5.xml:2138 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2825,7 +2933,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:645 sssd-ad.5.xml:212 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:632 sssd-ad.5.xml:212 msgid "Examples:" msgstr "" @@ -3030,7 +3138,7 @@ msgstr "" "L'atribut LDAP que correspon a l'identificador del grup primari de l'usuari." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:830 msgid "Default: gidNumber" msgstr "Per defecte: gidNumber" @@ -3083,43 +3191,28 @@ msgstr "Per defecte: loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:341 -msgid "ldap_user_uuid (string)" -msgstr "ldap_user_uuid (cadena)" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:344 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "L'atribut LDAP que conté el UUID/GUID d'un objecte d'usuari d'LDAP." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:866 sssd-ldap.5.xml:1103 -msgid "Default: nsUniqueId" -msgstr "Per defecte: nsUniqueId" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:354 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:344 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:880 +#: sssd-ldap.5.xml:349 sssd-ldap.5.xml:857 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:369 +#: sssd-ldap.5.xml:356 msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:890 sssd-ldap.5.xml:1112 +#: sssd-ldap.5.xml:359 sssd-ldap.5.xml:867 sssd-ldap.5.xml:1072 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -3128,17 +3221,17 @@ msgstr "" "pare." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:894 sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:363 sssd-ldap.5.xml:871 sssd-ldap.5.xml:1079 msgid "Default: modifyTimestamp" msgstr "Per defecte: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:382 +#: sssd-ldap.5.xml:369 msgid "ldap_user_shadow_last_change (string)" msgstr "ldap_user_shadow_last_change (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:385 +#: sssd-ldap.5.xml:372 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3151,17 +3244,17 @@ msgstr "" "manvolnum></citerefentry> (data de l'últim canvi de contrasenya)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:382 msgid "Default: shadowLastChange" msgstr "Per defecte: shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:401 +#: sssd-ldap.5.xml:388 msgid "ldap_user_shadow_min (string)" msgstr "ldap_user_shadow_min (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:391 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3174,17 +3267,17 @@ msgstr "" "manvolnum></citerefentry> (edat mínima de la contrasenya)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:413 +#: sssd-ldap.5.xml:400 msgid "Default: shadowMin" msgstr "Per defecte: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:419 +#: sssd-ldap.5.xml:406 msgid "ldap_user_shadow_max (string)" msgstr "ldap_user_shadow_max (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:422 +#: sssd-ldap.5.xml:409 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3197,17 +3290,17 @@ msgstr "" "manvolnum></citerefentry> (edat màxima de la contrasenya)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 +#: sssd-ldap.5.xml:418 msgid "Default: shadowMax" msgstr "Per defecte: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 +#: sssd-ldap.5.xml:424 msgid "ldap_user_shadow_warning (string)" msgstr "ldap_user_shadow_warning (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 +#: sssd-ldap.5.xml:427 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3220,17 +3313,17 @@ msgstr "" "manvolnum></citerefentry> (període d'advertència de contrasenya)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 +#: sssd-ldap.5.xml:437 msgid "Default: shadowWarning" msgstr "Per defecte: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 +#: sssd-ldap.5.xml:443 msgid "ldap_user_shadow_inactive (string)" msgstr "ldap_user_shadow_inactive (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 +#: sssd-ldap.5.xml:446 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3243,17 +3336,17 @@ msgstr "" "manvolnum></citerefentry> (període d'inactivitat de contrasenya)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:469 +#: sssd-ldap.5.xml:456 msgid "Default: shadowInactive" msgstr "Per defecte: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:475 +#: sssd-ldap.5.xml:462 msgid "ldap_user_shadow_expire (string)" msgstr "ldap_user_shadow_expire (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:478 +#: sssd-ldap.5.xml:465 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -3266,17 +3359,17 @@ msgstr "" "manvolnum></citerefentry> (data de caducitat del compte)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:488 +#: sssd-ldap.5.xml:475 msgid "Default: shadowExpire" msgstr "Per defecte: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:494 +#: sssd-ldap.5.xml:481 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "ldap_user_krb_last_pwd_change (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:497 +#: sssd-ldap.5.xml:484 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -3287,17 +3380,17 @@ msgstr "" "contrasenya en kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 +#: sssd-ldap.5.xml:490 msgid "Default: krbLastPwdChange" msgstr "Per defecte: krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:509 +#: sssd-ldap.5.xml:496 msgid "ldap_user_krb_password_expiration (string)" msgstr "ldap_user_krb_password_expiration (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:512 +#: sssd-ldap.5.xml:499 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." @@ -3307,114 +3400,114 @@ msgstr "" "contrasenya actual." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:518 +#: sssd-ldap.5.xml:505 msgid "Default: krbPasswordExpiration" msgstr "Per defecte: krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:524 +#: sssd-ldap.5.xml:511 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:519 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:538 +#: sssd-ldap.5.xml:525 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:528 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:546 +#: sssd-ldap.5.xml:533 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:552 +#: sssd-ldap.5.xml:539 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:542 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:547 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:553 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:556 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:573 sssd-ldap.5.xml:587 +#: sssd-ldap.5.xml:560 sssd-ldap.5.xml:574 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:579 +#: sssd-ldap.5.xml:566 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:582 +#: sssd-ldap.5.xml:569 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:593 +#: sssd-ldap.5.xml:580 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:583 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:601 +#: sssd-ldap.5.xml:588 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:607 +#: sssd-ldap.5.xml:594 msgid "ldap_user_principal (string)" msgstr "ldap_user_principal (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:597 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." @@ -3423,24 +3516,24 @@ msgstr "" "Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:614 +#: sssd-ldap.5.xml:601 msgid "Default: krbPrincipalName" msgstr "Per defecte: krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:620 +#: sssd-ldap.5.xml:607 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:623 +#: sssd-ldap.5.xml:610 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:628 +#: sssd-ldap.5.xml:615 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -3450,7 +3543,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:625 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -3458,46 +3551,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 +#: sssd-ldap.5.xml:635 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:638 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:642 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:645 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:655 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:671 +#: sssd-ldap.5.xml:658 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:662 +#, fuzzy +#| msgid "Default: uid" +msgid "Default: sshPublicKey" +msgstr "Per defecte: uid" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:668 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:671 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -3510,24 +3610,24 @@ msgstr "" "voleu utilitzar un àmbit en majúscules." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:694 +#: sssd-ldap.5.xml:684 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 +#: sssd-ldap.5.xml:687 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:698 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 +#: sssd-ldap.5.xml:701 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -3538,53 +3638,55 @@ msgstr "" "los per estalviar espai." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:707 msgid "Setting this option to zero will disable the cache cleanup operation." msgstr "A zero, aquesta opció desactivarà l'operació de neteja de memòria cau." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:721 -msgid "Default: 10800 (12 hours)" +#: sssd-ldap.5.xml:711 +#, fuzzy +#| msgid "Default: 10800 (12 hours)" +msgid "Default: 10800 (3 hours)" msgstr "Per defecte: 10800 (12 hores)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:727 +#: sssd-ldap.5.xml:717 msgid "ldap_user_fullname (string)" msgstr "ldap_user_fullname (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:730 +#: sssd-ldap.5.xml:720 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "L'atribut LDAP que correspon al nom complet de l'usuari." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 sssd-ldap.5.xml:827 sssd-ldap.5.xml:1053 -#: sssd-ldap.5.xml:1144 sssd-ldap.5.xml:2084 sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:724 sssd-ldap.5.xml:817 sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1104 sssd-ldap.5.xml:2071 sssd-ldap.5.xml:2410 msgid "Default: cn" msgstr "Per defecte: cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:730 msgid "ldap_user_member_of (string)" msgstr "ldap_user_member_of (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:743 +#: sssd-ldap.5.xml:733 msgid "The LDAP attribute that lists the user's group memberships." msgstr "L'atribut LDAP que llista la pertanença a grups de l'usuari." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:737 msgid "Default: memberOf" msgstr "Per defecte: memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:753 +#: sssd-ldap.5.xml:743 msgid "ldap_user_authorized_service (string)" msgstr "ldap_user_authorized_service (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:756 +#: sssd-ldap.5.xml:746 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -3595,7 +3697,7 @@ msgstr "" "l'usuari per determinar els privilegis d'accés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:763 +#: sssd-ldap.5.xml:753 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." @@ -3604,7 +3706,7 @@ msgstr "" "l'SSSD cerca autoritzacions explícites (svc) i, finalment, allow_all (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:758 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -3612,17 +3714,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:765 msgid "Default: authorizedService" msgstr "Per defecte: authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:771 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:784 +#: sssd-ldap.5.xml:774 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -3630,14 +3732,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:790 +#: sssd-ldap.5.xml:780 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:785 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -3645,101 +3747,91 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:802 +#: sssd-ldap.5.xml:792 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:798 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 +#: sssd-ldap.5.xml:801 msgid "The object class of a group entry in LDAP." msgstr "La classe d'objecte d'una entrada de grup a LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:804 msgid "Default: posixGroup" msgstr "Per defecte: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:810 msgid "ldap_group_name (string)" msgstr "ldap_group_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:823 +#: sssd-ldap.5.xml:813 msgid "The LDAP attribute that corresponds to the group name." msgstr "L'atribut LDAP que es correspon amb el nom del grup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:823 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:826 msgid "The LDAP attribute that corresponds to the group's id." msgstr "L'atribut LDAP que correspon a l'identificador del grup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:846 +#: sssd-ldap.5.xml:836 msgid "ldap_group_member (string)" msgstr "ldap_group_member (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:849 +#: sssd-ldap.5.xml:839 msgid "The LDAP attribute that contains the names of the group's members." msgstr "L'atribut LDAP que conté els noms dels membres del grup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:843 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "Per defecte: memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 -msgid "ldap_group_uuid (string)" -msgstr "ldap_group_uuid (cadena)" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "L'atribut LDAP que conté el UUID/GUID d'objecte de grup LDAP." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:872 +#: sssd-ldap.5.xml:849 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:875 +#: sssd-ldap.5.xml:852 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:864 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:877 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:880 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:885 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -3747,17 +3839,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:914 +#: sssd-ldap.5.xml:891 msgid "Default: groupType in the AD provider, othewise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:921 +#: sssd-ldap.5.xml:898 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:924 +#: sssd-ldap.5.xml:901 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -3768,7 +3860,7 @@ msgstr "" "seguirà l'SSSD. Aquesta opció no té cap efecte sobre l'esquema RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:908 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -3778,7 +3870,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:940 +#: sssd-ldap.5.xml:917 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later it " @@ -3787,17 +3879,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:947 +#: sssd-ldap.5.xml:924 msgid "Default: 2" msgstr "Per defecte: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:930 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:933 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3805,14 +3897,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:939 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 sssd-ldap.5.xml:994 +#: sssd-ldap.5.xml:944 sssd-ldap.5.xml:971 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3820,7 +3912,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:950 sssd-ldap.5.xml:977 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -3829,18 +3921,18 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 sssd-ldap.5.xml:1006 sssd-ldap.5.xml:1311 -#: sssd-ldap.5.xml:1332 sssd-ldap.5.xml:1838 include/ldap_id_mapping.xml:242 +#: sssd-ldap.5.xml:956 sssd-ldap.5.xml:983 sssd-ldap.5.xml:1271 +#: sssd-ldap.5.xml:1292 sssd-ldap.5.xml:1798 include/ldap_id_mapping.xml:242 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:985 +#: sssd-ldap.5.xml:962 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:988 +#: sssd-ldap.5.xml:965 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3848,185 +3940,174 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:989 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1015 +#: sssd-ldap.5.xml:992 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:997 sssd-ad.5.xml:742 sss_rpcidmapd.5.xml:76 +msgid "Default: True" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1003 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1006 msgid "The object class of a netgroup entry in LDAP." msgstr "La classe d'objecte d'una entrada de netgroup a LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1009 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1013 msgid "Default: nisNetgroup" msgstr "Per defecte: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1019 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1045 +#: sssd-ldap.5.xml:1022 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "L'atribut LDAP que es correspon amb el nom del netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1049 +#: sssd-ldap.5.xml:1026 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1059 +#: sssd-ldap.5.xml:1036 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1039 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "L'atribut LDAP que conté els noms dels membres del netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 +#: sssd-ldap.5.xml:1043 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1047 msgid "Default: memberNisNetgroup" msgstr "Per defecte: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1053 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1056 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" "L'atribut LDAP que conté les tripletes netgroup (maquina, usuari, domini)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1116 +#: sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1076 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1086 +#: sssd-ldap.5.xml:1063 msgid "Default: nisNetgroupTriple" msgstr "Per defecte: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1092 -msgid "ldap_netgroup_uuid (string)" -msgstr "ldap_netgroup_uuid (cadena)" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1095 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "L'atribut LDAP que conté el UUID/GUID d'un objecte de netgroup d'LDAP." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1099 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1109 +#: sssd-ldap.5.xml:1069 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1088 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1091 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1097 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1100 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1110 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1113 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1117 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1123 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1166 +#: sssd-ldap.5.xml:1126 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1130 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1176 +#: sssd-ldap.5.xml:1136 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1141 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -4034,7 +4115,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1190 +#: sssd-ldap.5.xml:1150 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -4042,12 +4123,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1162 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1205 +#: sssd-ldap.5.xml:1165 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -4055,12 +4136,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1178 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1181 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -4077,12 +4158,12 @@ msgstr "" "manvolnum></citerefentry> retorna en cas de cap activitat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1204 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:1207 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -4093,12 +4174,12 @@ msgstr "" "temps d'espera en comunicar amb el KDC en cas d'un vincle SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1219 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1262 +#: sssd-ldap.5.xml:1222 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -4107,34 +4188,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:1230 sssd-ldap.5.xml:2228 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1236 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1239 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1244 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1250 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1293 +#: sssd-ldap.5.xml:1253 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -4142,14 +4223,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1259 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1265 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -4157,17 +4238,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1277 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1280 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1323 +#: sssd-ldap.5.xml:1283 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -4177,12 +4258,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1298 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1301 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -4190,17 +4271,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1307 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1314 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1317 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -4208,13 +4289,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1323 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1327 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -4223,7 +4304,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1335 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -4231,12 +4312,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1348 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 +#: sssd-ldap.5.xml:1351 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -4246,7 +4327,7 @@ msgstr "" "valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1397 +#: sssd-ldap.5.xml:1357 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -4255,7 +4336,7 @@ msgstr "" "certificat del servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1361 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -4267,7 +4348,7 @@ msgstr "" "normalment." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1368 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -4278,7 +4359,7 @@ msgstr "" "proporciona un certificat dolent, immediatament s'acaba la sessió." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1374 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -4289,22 +4370,22 @@ msgstr "" "immediatament s'acaba la sessió." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1380 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = Igual que <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1424 +#: sssd-ldap.5.xml:1384 msgid "Default: hard" msgstr "Per defecte: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1390 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1393 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -4313,7 +4394,7 @@ msgstr "" "Certificació que reconeixerà l'<command>sssd</command>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1438 sssd-ldap.5.xml:1456 sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1398 sssd-ldap.5.xml:1416 sssd-ldap.5.xml:1457 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -4322,12 +4403,12 @@ msgstr "" "<filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1445 +#: sssd-ldap.5.xml:1405 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1408 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -4341,32 +4422,32 @@ msgstr "" "correctes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1463 +#: sssd-ldap.5.xml:1423 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1466 +#: sssd-ldap.5.xml:1426 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1436 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1439 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1448 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1451 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -4374,12 +4455,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1504 +#: sssd-ldap.5.xml:1464 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -4388,12 +4469,12 @@ msgstr "" "class=\"protocol\">tls</systemitem> per a protegir el canal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1477 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1480 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -4401,17 +4482,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1486 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1496 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1499 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -4422,17 +4503,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1511 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1517 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -4441,12 +4522,12 @@ msgstr "" "i suportat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1530 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1533 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -4455,17 +4536,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1541 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1547 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1590 +#: sssd-ldap.5.xml:1550 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -4473,51 +4554,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1556 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1562 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1565 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1570 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1576 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1619 +#: sssd-ldap.5.xml:1579 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "Especifica el fitxer keytab a utilitzar quan s'utilitza SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1622 +#: sssd-ldap.5.xml:1582 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Per defecte: Fitxer keytab de sistema, normalment <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1628 +#: sssd-ldap.5.xml:1588 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1631 +#: sssd-ldap.5.xml:1591 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -4528,27 +4609,27 @@ msgstr "" "seleccionat és GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1643 +#: sssd-ldap.5.xml:1603 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1606 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "Especifica el temps de vida en segons de la TGT si s'utilitza GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 sssd-ad.5.xml:383 +#: sssd-ldap.5.xml:1610 sssd-ad.5.xml:728 msgid "Default: 86400 (24 hours)" msgstr "Per defecte: 86400 (24 hores)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 +#: sssd-ldap.5.xml:1619 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4560,7 +4641,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1671 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1631 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4571,7 +4652,7 @@ msgstr "" "retorna a _tcp si no se'n troba cap." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1636 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4583,41 +4664,41 @@ msgstr "" "<quote>krb5_server</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1645 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1688 +#: sssd-ldap.5.xml:1648 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "Especifica l'àmbit KERBEROS (per a autenticació SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1651 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Per defecte: Paràmetres predeterminats del sistema, vegeu <filename>/etc/" "krb5.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1697 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1657 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1660 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1712 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1672 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1715 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1675 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4627,7 +4708,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1726 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1686 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4635,12 +4716,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1740 +#: sssd-ldap.5.xml:1700 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1703 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -4649,7 +4730,7 @@ msgstr "" "costat del client. S'admeten els valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1708 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -4658,7 +4739,7 @@ msgstr "" "opció no inhabilita les polítiques de contrasenya de servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1753 +#: sssd-ldap.5.xml:1713 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4666,7 +4747,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1759 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4678,25 +4759,25 @@ msgstr "" "contrasenya." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1768 +#: sssd-ldap.5.xml:1728 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1736 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1739 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" "Especifica si el seguiment automàtic del referenciador s'hauria d'habilitar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1743 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -4705,7 +4786,7 @@ msgstr "" "quan és compilat amb la versió d'OpenLDAP 2.4.13 o superior." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1788 +#: sssd-ldap.5.xml:1748 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4714,29 +4795,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1762 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 +#: sssd-ldap.5.xml:1765 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Especifica el nom de servei per utilitzar quan està habilitada la detecció " "de serveis." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1809 +#: sssd-ldap.5.xml:1769 msgid "Default: ldap" msgstr "Per defecte: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1775 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1778 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -4745,30 +4826,30 @@ msgstr "" "permet canvis de contrasenya quan està habilitada la detecció de serveis." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1823 +#: sssd-ldap.5.xml:1783 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" "Defecte: no definit, és a dir, el descobriment de serveis està inhabilitat" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1789 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1792 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1804 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1847 +#: sssd-ldap.5.xml:1807 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4784,12 +4865,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1867 +#: sssd-ldap.5.xml:1827 msgid "Example:" msgstr "Exemple:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1870 +#: sssd-ldap.5.xml:1830 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4798,14 +4879,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1874 +#: sssd-ldap.5.xml:1834 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1839 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4818,17 +4899,17 @@ msgstr "" "concedint accés en estar fora de línia i viceversa." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1887 sssd-ldap.5.xml:1944 +#: sssd-ldap.5.xml:1847 sssd-ldap.5.xml:1904 msgid "Default: Empty" msgstr "Per defecte: Buit" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1853 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1856 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -4837,7 +4918,7 @@ msgstr "" "d'atributs de control d'accés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:1860 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4849,12 +4930,12 @@ msgstr "" "contrasenya és correcta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1907 +#: sssd-ldap.5.xml:1867 msgid "The following values are allowed:" msgstr "S'admeten els valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1910 +#: sssd-ldap.5.xml:1870 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -4863,7 +4944,7 @@ msgstr "" "determinar si el compte ha caducat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1875 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4872,7 +4953,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1922 +#: sssd-ldap.5.xml:1882 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4880,7 +4961,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1928 +#: sssd-ldap.5.xml:1888 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4889,7 +4970,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1897 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -4897,29 +4978,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1910 msgid "ldap_access_order (string)" msgstr "ldap_access_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1953 +#: sssd-ldap.5.xml:1913 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Llista separada per comes d'opcions de control d'accés. Els valors permesos " "són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1917 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: utilitza ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:1920 +msgid "" +"<emphasis>lockout</emphasis>: use account locking. If set, this option " +"denies access in case that ldap attribute 'pwdAccountLockedTime' is present " +"and has value of '000001010000Z'. Please see the option ldap_pwdlockout_dn." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1927 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: utilitza ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1931 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -4928,17 +5017,17 @@ msgstr "" "authorizedService per determinar l'accés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1969 +#: sssd-ldap.5.xml:1936 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:1940 msgid "Default: filter" msgstr "Per defecte: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1943 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -4947,12 +5036,38 @@ msgstr "" "s'utilitza més d'una vegada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1983 +#: sssd-ldap.5.xml:1950 +#, fuzzy +#| msgid "ldap_pwd_policy (string)" +msgid "ldap_pwdlockout_dn (string)" +msgstr "ldap_pwd_policy (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1953 +msgid "" +"This option specifies the DN of password policy entry on LDAP server. Please " +"note that absence of this option in sssd.conf in case of enabled account " +"lockout checking will yield access denied as ppolicy attributes on LDAP " +"server cannot be checked properly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1961 +msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1964 +msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1970 msgid "ldap_deref (string)" msgstr "ldap_deref (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:1973 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -4961,13 +5076,13 @@ msgstr "" "cerca. S'admeten les opcions següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:1978 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" "<emphasis>never</emphasis>: les referències dels àlies mai són eliminades." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:1982 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -4977,7 +5092,7 @@ msgstr "" "de la cerca." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:1987 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -4986,7 +5101,7 @@ msgstr "" "només en localitzar l'objecte base de la cerca." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2005 +#: sssd-ldap.5.xml:1992 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -4995,7 +5110,7 @@ msgstr "" "en la recerca i en la localització de l'objecte base de la cerca." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2010 +#: sssd-ldap.5.xml:1997 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -5004,19 +5119,19 @@ msgstr "" "llibreries client d'LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2018 +#: sssd-ldap.5.xml:2005 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2008 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2012 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -5027,7 +5142,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2036 +#: sssd-ldap.5.xml:2023 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -5051,12 +5166,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2052 +#: sssd-ldap.5.xml:2039 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2054 +#: sssd-ldap.5.xml:2041 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -5064,208 +5179,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2052 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2055 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2071 +#: sssd-ldap.5.xml:2058 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2064 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2067 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2090 +#: sssd-ldap.5.xml:2077 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2080 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2097 +#: sssd-ldap.5.xml:2084 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2103 +#: sssd-ldap.5.xml:2090 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2093 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2111 +#: sssd-ldap.5.xml:2098 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2117 +#: sssd-ldap.5.xml:2104 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2120 +#: sssd-ldap.5.xml:2107 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2111 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2130 +#: sssd-ldap.5.xml:2117 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2133 +#: sssd-ldap.5.xml:2120 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2137 +#: sssd-ldap.5.xml:2124 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2143 +#: sssd-ldap.5.xml:2130 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2146 +#: sssd-ldap.5.xml:2133 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2150 +#: sssd-ldap.5.xml:2137 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2143 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2146 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2150 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2156 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2159 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2176 +#: sssd-ldap.5.xml:2163 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2182 +#: sssd-ldap.5.xml:2169 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2172 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2177 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2183 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2199 +#: sssd-ldap.5.xml:2186 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2203 +#: sssd-ldap.5.xml:2190 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:2196 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2199 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2204 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2209 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2215 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2218 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -5273,101 +5388,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2237 +#: sssd-ldap.5.xml:2224 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2234 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2237 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2248 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2264 +#: sssd-ldap.5.xml:2251 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2256 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2315 -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2261 sssd-ldap.5.xml:2284 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2320 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2279 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2266 sssd-ldap.5.xml:2289 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2272 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2288 +#: sssd-ldap.5.xml:2275 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2293 +#: sssd-ldap.5.xml:2280 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2295 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2311 +#: sssd-ldap.5.xml:2298 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2326 +#: sssd-ldap.5.xml:2313 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2316 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2345 +#: sssd-ldap.5.xml:2332 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -5376,91 +5491,91 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2342 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2344 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2350 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2366 +#: sssd-ldap.5.xml:2353 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2369 +#: sssd-ldap.5.xml:2356 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2376 +#: sssd-ldap.5.xml:2363 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2379 sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2392 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2369 sssd-ldap.5.xml:2396 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2376 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2379 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2382 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2402 +#: sssd-ldap.5.xml:2389 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2416 +#: sssd-ldap.5.xml:2403 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2419 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:2406 sssd-ldap.5.xml:2420 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2430 +#: sssd-ldap.5.xml:2417 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2437 +#: sssd-ldap.5.xml:2424 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2348 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -5469,37 +5584,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2434 msgid "ADVANCED OPTIONS" msgstr "OPCIONS AVANÇADES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2441 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2459 +#: sssd-ldap.5.xml:2446 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2451 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2469 +#: sssd-ldap.5.xml:2456 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2461 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2449 +#: sssd-ldap.5.xml:2436 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -5510,7 +5625,7 @@ msgstr "" "sabeu el que estau fent. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2491 +#: sssd-ldap.5.xml:2478 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -5521,7 +5636,7 @@ msgstr "" "replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2484 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -5534,20 +5649,20 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2496 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 -#: sssd-ad.5.xml:455 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2483 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 +#: sssd-ad.5.xml:800 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2509 sssd_krb5_locator_plugin.8.xml:61 -#: sssd-simple.5.xml:148 sssd-ad.5.xml:470 sssd.8.xml:191 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2496 sssd_krb5_locator_plugin.8.xml:61 +#: sssd-simple.5.xml:148 sssd-ad.5.xml:815 sssd.8.xml:195 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2498 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -6115,7 +6230,7 @@ msgstr "" "complet utilitzat en el domini d'IPA per identificar aquest amfitrió." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:320 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:665 msgid "dyndns_update (boolean)" msgstr "" @@ -6130,7 +6245,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:334 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:679 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -6145,12 +6260,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:345 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:690 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:348 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:693 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -6171,12 +6286,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:359 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:704 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:362 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:707 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -6218,12 +6333,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:373 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:718 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:376 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:721 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -6231,12 +6346,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:389 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:734 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:392 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:737 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -6255,19 +6370,19 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:403 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:748 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:406 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:751 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:410 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:755 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -6363,7 +6478,7 @@ msgstr "" "suplantada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:359 sssd-ad.5.xml:776 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -6452,7 +6567,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 sssd-ad.5.xml:330 msgid "Default: 5 (seconds)" msgstr "" @@ -6914,9 +7029,396 @@ msgstr "" msgid "Default: permissive" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:320 +#, fuzzy +#| msgid "enum_cache_timeout (integer)" +msgid "ad_gpo_cache_timeout (integer)" +msgstr "enum_cache_timeout (Enter)" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:323 msgid "" +"The amount of time between lookups of GPO policy files against the AD " +"server. This will reduce the latency and load on the AD server if there are " +"many access-control requests made in a short period." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:336 +#, fuzzy +#| msgid "ldap_user_shadow_inactive (string)" +msgid "ad_gpo_map_interactive (string)" +msgstr "ldap_user_shadow_inactive (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:339 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the InteractiveLogonRight and " +"DenyInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:354 +#, no-wrap +msgid "" +" ad_gpo_map_interactive = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:345 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>login</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:358 sssd-ad.5.xml:423 sssd-ad.5.xml:458 sssd-ad.5.xml:498 +#: sssd-ad.5.xml:559 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:362 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:367 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:372 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:377 +msgid "gdm-fingerprint" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:382 +#, fuzzy +#| msgid "password" +msgid "gdm-password" +msgstr "contrasenya" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:387 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:392 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:401 +#, fuzzy +#| msgid "ldap_user_shadow_inactive (string)" +msgid "ad_gpo_map_remote_interactive (string)" +msgstr "ldap_user_shadow_inactive (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:404 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the RemoteInteractiveLogonRight and " +"DenyRemoteInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:419 +#, no-wrap +msgid "" +" ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:410 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>sshd</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:427 +msgid "sshd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:436 +#, fuzzy +#| msgid "ldap_group_name (string)" +msgid "ad_gpo_map_network (string)" +msgstr "ldap_group_name (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:439 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the NetworkLogonRight and " +"DenyNetworkLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:454 +#, no-wrap +msgid "" +" ad_gpo_map_network = +my_pam_service, -ftp\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>ftp</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:462 +msgid "ftp" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:467 +msgid "samba" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:476 +#, fuzzy +#| msgid "ldap_sasl_authid (string)" +msgid "ad_gpo_map_batch (string)" +msgstr "ldap_sasl_authid (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:479 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " +"policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:494 +#, no-wrap +msgid "" +" ad_gpo_map_batch = +my_pam_service, -crond\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:485 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>crond</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:502 +msgid "crond" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:511 +#, fuzzy +#| msgid "ldap_dns_service_name (string)" +msgid "ad_gpo_map_service (string)" +msgstr "ldap_dns_service_name (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:514 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the ServiceLogonRight and " +"DenyServiceLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:528 +#, no-wrap +msgid "" +" ad_gpo_map_service = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:520 sssd-ad.5.xml:585 +msgid "" +"It is possible to add a PAM service name to the default set by using <quote>" +"+service_name</quote>. Since the default set is empty, it is not possible " +"to remove a PAM service name from the default set. For example, in order to " +"add a custom pam service name (e.g. <quote>my_pam_service</quote>), you " +"would use the following configuration: <placeholder type=\"programlisting\" " +"id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:538 +#, fuzzy +#| msgid "ldap_deref (string)" +msgid "ad_gpo_map_permit (string)" +msgstr "ldap_deref (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:541 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always granted, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:555 +#, no-wrap +msgid "" +" ad_gpo_map_permit = +my_pam_service, -sudo\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:546 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for unconditionally permitted " +"access (e.g. <quote>sudo</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:563 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:568 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:577 +#, fuzzy +#| msgid "ldap_deref (string)" +msgid "ad_gpo_map_deny (string)" +msgstr "ldap_deref (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:580 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always denied, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:593 +#, no-wrap +msgid "" +" ad_gpo_map_deny = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:603 +#, fuzzy +#| msgid "ldap_default_authtok (string)" +msgid "ad_gpo_default_right (string)" +msgstr "ldap_default_authtok (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:606 +msgid "" +"This option defines how access control is evaluated for PAM service names " +"that are not explicitly listed in one of the ad_gpo_map_* options. This " +"option can be set in two different manners. First, this option can be set to " +"use a default logon right. For example, if this option is set to " +"'interactive', it means that unmapped PAM service names will be processed " +"based on the InteractiveLogonRight and DenyInteractiveLogonRight policy " +"settings. Alternatively, this option can be set to either always permit or " +"always deny access for unmapped PAM service names." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:619 +msgid "Supported values for this option include:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:623 +msgid "interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:628 +msgid "remote_interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:633 +msgid "network" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:638 +msgid "batch" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:643 +#, fuzzy +#| msgid "services" +msgid "service" +msgstr "serveis" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:648 +msgid "permit" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:653 +msgid "deny" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:659 +#, fuzzy +#| msgid "Default: cn" +msgid "Default: deny" +msgstr "Per defecte: cn" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:668 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -6926,29 +7428,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:353 +#: sssd-ad.5.xml:698 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:712 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:419 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:764 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:422 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:767 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:449 +#: sssd-ad.5.xml:794 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6956,7 +7458,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:456 +#: sssd-ad.5.xml:801 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -6971,7 +7473,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:476 +#: sssd-ad.5.xml:821 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6980,7 +7482,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:817 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -6988,10 +7490,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:482 +#: sssd-ad.5.xml:827 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " -"configured, the default access provider is <quote>permit</quote>." +"configured, the default access provider is <quote>permit</quote>. Please " +"note that if you configure an access provider other than <quote>ad</quote>, " +"you need to set all the connection parameters (such as LDAP URIs and " +"encryption details) manually." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> @@ -7391,28 +7896,33 @@ msgstr "SIGUSR1" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." +"Tells the SSSD to simulate offline operation for the duration of the " +"<quote>offline_timeout</quote> parameter. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" -"Demana a l'SSSD d'operar de manera simulada fora de línia durant un minut. " -"Això principalment és útil per a propòsits de comprovacions." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 +#: sssd.8.xml:182 msgid "SIGUSR2" msgstr "SIGUSR2" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 +#: sssd.8.xml:185 +#, fuzzy +#| msgid "" +#| "Tells the SSSD to go online immediately. This is mostly useful for " +#| "testing purposes." msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." +"Tells the SSSD to go online immediately. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" "Demana a l'SSSD d'anar immediatament en línia. Això és útil principalment " "per a propòsits de comprovacions." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 +#: sssd.8.xml:197 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -8630,13 +9140,45 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:162 +#, fuzzy +#| msgid "" +#| "<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" +#| "replaceable>" msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"<option>-h</option>,<option>--ssh-host</option> <replaceable>hostname</" "replaceable>" msgstr "" +"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" +"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:167 +msgid "Invalidate SSH public keys of a specific host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:173 +#, fuzzy +#| msgid "<option>-s</option>,<option>--stdin</option>" +msgid "<option>-H</option>,<option>--ssh-hosts</option>" +msgstr "<option>-s</option>,<option>--stdin</option>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:177 +msgid "" +"Invalidate SSH public keys of all hosts. This option overrides invalidation " +"of SSH public keys of specific host if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:185 +msgid "" +"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:190 msgid "Restrict invalidation process only to a particular domain." msgstr "" @@ -8933,6 +9475,187 @@ msgstr "" msgid "Default: not set. Only the default set of POSIX attributes is allowed." msgstr "" +#. type: Content of: <reference><refentry><refentryinfo> +#: sss_rpcidmapd.5.xml:8 +msgid "" +"<productname>sss rpc.idmapd plugin</productname> <author> <firstname>Noam</" +"firstname> <surname>Meltzer</surname> <affiliation> <orgname>Primary Data " +"Inc.</orgname> </affiliation> <contrib>Developer (2013-2014)</contrib> </" +"author> <author> <firstname>Noam</firstname> <surname>Meltzer</surname> " +"<contrib>Developer (2014-)</contrib> <email>tsnoam@gmail.com</email> </" +"author>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_rpcidmapd.5.xml:26 sss_rpcidmapd.5.xml:32 +#, fuzzy +#| msgid "sss_groupmod" +msgid "sss_rpcidmapd" +msgstr "sss_groupmod" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_rpcidmapd.5.xml:33 +msgid "sss plugin configuration directives for rpc.idmapd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:37 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "CONFIGURATION FILE" +msgstr "OPCIONS DE CONFIGURACIÓ" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:39 +#, fuzzy +#| msgid "" +#| "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " +#| "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry> for more information on configuring LDAP." +msgid "" +"rpc.idmapd configuration file is usually found at <emphasis>/etc/idmapd." +"conf</emphasis>. See <citerefentry> <refentrytitle>idmapd.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more information." +msgstr "" +"<quote>ldap</quote> per autenticació nativa LDAP. Vegeu " +"<citerefentry><refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> per a més informació sobre configuració d'LDAP." + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:49 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "SSS CONFIGURATION EXTENSION" +msgstr "OPCIONS DE CONFIGURACIÓ" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:51 +msgid "Enable SSS plugin" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:53 +msgid "" +"In section <quote>[Translation]</quote>, modify/set <quote>Method</quote> " +"attribute to contain <emphasis>sss</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:59 +#, fuzzy +#| msgid "The [sssd] section" +msgid "[sss] config section" +msgstr "La secció [sssd]" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:61 +msgid "" +"In order to change the default of one of the configuration attributes of the " +"<emphasis>sss</emphasis> plugin listed below you will need to create a " +"config section for it, named <quote>[sss]</quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> +#: sss_rpcidmapd.5.xml:67 +#, fuzzy +#| msgid "NSS configuration options" +msgid "Configuration attributes" +msgstr "Opcions de configuració d'NSS" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sss_rpcidmapd.5.xml:69 +#, fuzzy +#| msgid "enumerate (bool)" +msgid "memcache (bool)" +msgstr "enumerate (booleà)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sss_rpcidmapd.5.xml:72 +msgid "Indicates whether or not to use memcache optimisation technique." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:85 +msgid "SSSD INTEGRATION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:87 +msgid "" +"The sss plugin requires the <emphasis>NSS Responder</emphasis> to be enabled " +"in sssd." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:91 +msgid "" +"The attribute <quote>use_fully_qualified_names</quote> must be enabled on " +"all domains (NFSv4 clients expect a fully qualified name to be sent on the " +"wire)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_rpcidmapd.5.xml:103 +#, no-wrap +msgid "" +"[General]\n" +"Verbosity = 2\n" +"# domain must be synced between NFSv4 server and clients\n" +"# Solaris/Illumos/AIX use \"localdomain\" as default!\n" +"Domain = default\n" +"\n" +"[Mapping]\n" +"Nobody-User = nfsnobody\n" +"Nobody-Group = nfsnobody\n" +"\n" +"[Translation]\n" +"Method = sss\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:100 +#, fuzzy +#| msgid "" +#| "The following example shows a typical SSSD config. It does not describe " +#| "configuration of the domains themselves - refer to documentation on " +#| "configuring domains for more details. <placeholder type=\"programlisting" +#| "\" id=\"0\"/>" +msgid "" +"The following example shows a minimal idmapd.conf which makes use of the sss " +"plugin. <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" +"El següent exemple mostra una configuració típica d'SSSD. No descriu la " +"configuració dels mateixos dominis - referiu-vos a la documentació de " +"configuració de dominis per a més detalls. <placeholder type=" +"\"programlisting\" id=\"0\"/>" + +#. type: Content of: <refsect1><title> +#: sss_rpcidmapd.5.xml:120 include/seealso.xml:2 +msgid "SEE ALSO" +msgstr "VEGEU TAMBÉ" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:122 +#, fuzzy +#| msgid "" +#| "This manual page describes the configuration of LDAP domains for " +#| "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" +#| "manvolnum> </citerefentry>. Refer to the <quote>FILE FORMAT</quote> " +#| "section of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +#| "<manvolnum>5</manvolnum> </citerefentry> manual page for detailed syntax " +#| "information." +msgid "" +"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>idmapd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>" +msgstr "" +"Aquesta pàgina del manual descriu la configuració de dominis LDAP per a " +"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " +"</citerefentry>. Consulteu la secció <quote>FORMAT DE FITXER</quote> de la " +"pàgina del manual <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> per obtenir informació detallada de " +"la sintaxi." + #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 msgid "sss_ssh_authorizedkeys" @@ -9763,11 +10486,6 @@ msgid "" "local LDB storage to store users and groups." msgstr "" -#. type: Content of: <refsect1><title> -#: include/seealso.xml:2 -msgid "SEE ALSO" -msgstr "VEGEU TAMBÉ" - #. type: Content of: <refsect1><para> #: include/seealso.xml:4 msgid "" @@ -9808,7 +10526,9 @@ msgid "" "manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> " "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>. <citerefentry> " +"<refentrytitle>sss_rpcidmapd</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>" msgstr "" #. type: Content of: <listitem><para> @@ -9952,3 +10672,35 @@ msgstr "" #: include/homedir_substring.xml:15 msgid "Default: /home" msgstr "" + +#~ msgid "ldap_user_uuid (string)" +#~ msgstr "ldap_user_uuid (cadena)" + +#~ msgid "" +#~ "The LDAP attribute that contains the UUID/GUID of an LDAP user object." +#~ msgstr "L'atribut LDAP que conté el UUID/GUID d'un objecte d'usuari d'LDAP." + +#~ msgid "Default: nsUniqueId" +#~ msgstr "Per defecte: nsUniqueId" + +#~ msgid "ldap_group_uuid (string)" +#~ msgstr "ldap_group_uuid (cadena)" + +#~ msgid "" +#~ "The LDAP attribute that contains the UUID/GUID of an LDAP group object." +#~ msgstr "L'atribut LDAP que conté el UUID/GUID d'objecte de grup LDAP." + +#~ msgid "ldap_netgroup_uuid (string)" +#~ msgstr "ldap_netgroup_uuid (cadena)" + +#~ msgid "" +#~ "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." +#~ msgstr "" +#~ "L'atribut LDAP que conté el UUID/GUID d'un objecte de netgroup d'LDAP." + +#~ msgid "" +#~ "Tells the SSSD to simulate offline operation for one minute. This is " +#~ "mostly useful for testing purposes." +#~ msgstr "" +#~ "Demana a l'SSSD d'operar de manera simulada fora de línia durant un " +#~ "minut. Això principalment és útil per a propòsits de comprovacions." diff --git a/src/man/po/cs.po b/src/man/po/cs.po index 009e207fd..2cf5983dc 100644 --- a/src/man/po/cs.po +++ b/src/man/po/cs.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2014-06-04 19:59+0300\n" +"POT-Creation-Date: 2014-09-08 20:55+0300\n" "PO-Revision-Date: 2012-05-22 13:44+0000\n" "Last-Translator: sgallagh <sgallagh@redhat.com>\n" "Language-Team: Czech (http://www.transifex.com/projects/p/fedora/language/" @@ -26,8 +26,8 @@ msgstr "" #: sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 #: sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 #: sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5 -#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_ssh_authorizedkeys.1.xml:5 -#: sss_ssh_knownhostsproxy.1.xml:5 +#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_rpcidmapd.5.xml:5 +#: sss_ssh_authorizedkeys.1.xml:5 sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" msgstr "Manuálové stránky SSSD" @@ -123,14 +123,14 @@ msgstr "" #. type: Content of: <reference><refentry><refmeta><manvolnum> #: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 #: sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11 -#: sssd-ifp.5.xml:11 +#: sssd-ifp.5.xml:11 sss_rpcidmapd.5.xml:27 msgid "5" msgstr "" #. type: Content of: <reference><refentry><refmeta><refmiscinfo> #: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 #: sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12 -#: sssd-ifp.5.xml:12 +#: sssd-ifp.5.xml:12 sss_rpcidmapd.5.xml:28 msgid "File Formats and Conventions" msgstr "" @@ -224,11 +224,11 @@ msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:79 sssd.conf.5.xml:511 sssd.conf.5.xml:873 -#: sssd-ldap.5.xml:1637 sssd-ldap.5.xml:1734 sssd-ldap.5.xml:1796 -#: sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2320 sssd-ldap.5.xml:2338 +#: sssd.conf.5.xml:79 sssd.conf.5.xml:554 sssd.conf.5.xml:916 +#: sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1756 +#: sssd-ldap.5.xml:2242 sssd-ldap.5.xml:2307 sssd-ldap.5.xml:2325 #: sssd-ipa.5.xml:356 sssd-ipa.5.xml:391 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:339 sssd-ad.5.xml:428 sssd-krb5.5.xml:490 +#: sssd-ad.5.xml:684 sssd-ad.5.xml:773 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "" @@ -243,16 +243,16 @@ msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:90 sssd.conf.5.xml:827 sssd.conf.5.xml:1845 -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:1511 sssd-ldap.5.xml:1530 -#: sssd-ldap.5.xml:1706 sssd-ldap.5.xml:2042 sssd-ipa.5.xml:139 +#: sssd.conf.5.xml:90 sssd.conf.5.xml:870 sssd.conf.5.xml:1933 +#: sssd-ldap.5.xml:678 sssd-ldap.5.xml:1471 sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1666 sssd-ldap.5.xml:2029 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:503 sssd-krb5.5.xml:257 #: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2063 +#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2050 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" @@ -274,7 +274,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1382 +#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1342 msgid "Default: 10" msgstr "" @@ -289,7 +289,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:2017 msgid "Section parameters" msgstr "" @@ -326,19 +326,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:161 sssd.conf.5.xml:345 +#: sssd.conf.5.xml:161 sssd.conf.5.xml:370 msgid "reconnection_retries (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:164 sssd.conf.5.xml:348 +#: sssd.conf.5.xml:164 sssd.conf.5.xml:373 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:353 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:378 msgid "Default: 3" msgstr "" @@ -358,7 +358,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 sssd.conf.5.xml:1658 +#: sssd.conf.5.xml:189 sssd.conf.5.xml:1719 msgid "re_expression (string)" msgstr "" @@ -378,12 +378,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:206 sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:206 sssd.conf.5.xml:1770 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:209 sssd.conf.5.xml:1773 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -391,39 +391,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:220 sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:220 sssd.conf.5.xml:1784 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:221 sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:221 sssd.conf.5.xml:1785 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:224 sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:224 sssd.conf.5.xml:1788 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:227 sssd.conf.5.xml:1730 +#: sssd.conf.5.xml:227 sssd.conf.5.xml:1791 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:233 sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:233 sssd.conf.5.xml:1797 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:236 sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:236 sssd.conf.5.xml:1800 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:217 sssd.conf.5.xml:1781 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -521,12 +521,42 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:319 sssd-ldap.5.xml:662 sssd-ldap.5.xml:1470 -#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1564 sssd-krb5.5.xml:401 -#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214 +#: sssd.conf.5.xml:319 sssd-ldap.5.xml:649 sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1442 sssd-ldap.5.xml:1524 sssd-ad.5.xml:532 +#: sssd-ad.5.xml:597 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203 +#: include/ldap_id_mapping.xml:214 msgid "Default: not set" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:324 +msgid "override_space (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:327 +msgid "" +"This parameter will replace spaces (space bar) with the given character for " +"user and group names. e.g. (_). User name "john doe" will be " +""john_doe" This feature was added to help compatibility with shell " +"scripts that have difficulty handling spaces, due to the default field " +"separator in the shell." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:336 +msgid "" +"Please note it is a configuration error to use a replacement character that " +"might be used in user or group names. If a name contains the replacement " +"character SSSD tries to return the unmodified name but in general the result " +"of a lookup is undefined." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:344 +msgid "Default: not set (spaces will not be replaced)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:126 msgid "" @@ -539,12 +569,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:355 msgid "SERVICES SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:332 +#: sssd.conf.5.xml:357 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -553,22 +583,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:364 msgid "General service configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:341 +#: sssd.conf.5.xml:366 msgid "These options can be used to configure any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:383 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:361 +#: sssd.conf.5.xml:386 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -578,17 +608,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:370 +#: sssd.conf.5.xml:395 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:375 +#: sssd.conf.5.xml:400 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:378 +#: sssd.conf.5.xml:403 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -596,19 +626,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:385 sssd.conf.5.xml:401 sssd.conf.5.xml:415 -#: sssd.conf.5.xml:632 sssd.conf.5.xml:792 sssd.conf.5.xml:1068 -#: sssd-ldap.5.xml:1212 +#: sssd.conf.5.xml:410 sssd.conf.5.xml:426 sssd.conf.5.xml:458 +#: sssd.conf.5.xml:675 sssd.conf.5.xml:835 sssd.conf.5.xml:1111 +#: sssd-ldap.5.xml:1172 msgid "Default: 60" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:415 sssd.conf.5.xml:1100 msgid "force_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:393 sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1103 msgid "" "If a service is not responding to ping checks (see the <quote>timeout</" "quote> option), it is first sent the SIGTERM signal that instructs it to " @@ -618,53 +648,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 +#: sssd.conf.5.xml:431 msgid "offline_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:409 +#: sssd.conf.5.xml:434 +msgid "" +"When SSSD switches to offline mode the amount of time before it tries to go " +"back online will increase based upon the time spent disconnected. This " +"value is in seconds and calculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:441 +msgid "offline_timeout + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:444 +msgid "" +"The random offset can increment up to 30 seconds. After each unsuccessful " +"attempt to go online, the new interval is recalculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:449 +msgid "new_interval = old_interval*2 + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:452 msgid "" -"If SSSD is in offline mode, and last attempt to go online was less than " -"number of seconds specified in this option ago, new requests for data will " -"not result in attempt to go online." +"Note that the maximum length of each interval is currently limited to one " +"hour. If the calculated length of new_interval is greater than an hour, it " +"will be forced to one hour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:467 msgid "NSS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:426 +#: sssd.conf.5.xml:469 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:431 +#: sssd.conf.5.xml:474 msgid "enum_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:434 +#: sssd.conf.5.xml:477 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:481 msgid "Default: 120" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:443 +#: sssd.conf.5.xml:486 msgid "entry_cache_nowait_percentage (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:446 +#: sssd.conf.5.xml:489 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -672,7 +727,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:452 +#: sssd.conf.5.xml:495 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -682,7 +737,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:462 +#: sssd.conf.5.xml:505 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -691,17 +746,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:470 +#: sssd.conf.5.xml:513 msgid "Default: 50" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:518 msgid "entry_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:478 +#: sssd.conf.5.xml:521 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -709,17 +764,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:484 sssd.conf.5.xml:851 +#: sssd.conf.5.xml:527 sssd.conf.5.xml:894 msgid "Default: 15" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:489 +#: sssd.conf.5.xml:532 msgid "filter_users, filter_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:492 +#: sssd.conf.5.xml:535 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set per-" @@ -728,41 +783,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:499 +#: sssd.conf.5.xml:542 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:504 +#: sssd.conf.5.xml:547 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:507 +#: sssd.conf.5.xml:550 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:561 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:521 +#: sssd.conf.5.xml:564 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:569 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:532 +#: sssd.conf.5.xml:575 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -770,22 +825,22 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:530 include/override_homedir.xml:51 +#: sssd.conf.5.xml:573 include/override_homedir.xml:51 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:579 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:542 +#: sssd.conf.5.xml:585 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:545 +#: sssd.conf.5.xml:588 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -793,186 +848,186 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 +#: sssd.conf.5.xml:594 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:557 +#: sssd.conf.5.xml:600 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:560 +#: sssd.conf.5.xml:603 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:563 +#: sssd.conf.5.xml:606 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:567 +#: sssd.conf.5.xml:610 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:572 +#: sssd.conf.5.xml:615 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:577 +#: sssd.conf.5.xml:620 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:580 +#: sssd.conf.5.xml:623 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:627 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:589 +#: sssd.conf.5.xml:632 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:592 +#: sssd.conf.5.xml:635 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:597 +#: sssd.conf.5.xml:640 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:643 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:604 +#: sssd.conf.5.xml:647 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:652 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:655 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:618 +#: sssd.conf.5.xml:661 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:625 sssd.conf.5.xml:785 +#: sssd.conf.5.xml:668 sssd.conf.5.xml:828 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 sssd.conf.5.xml:788 +#: sssd.conf.5.xml:671 sssd.conf.5.xml:831 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:637 +#: sssd.conf.5.xml:680 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:640 +#: sssd.conf.5.xml:683 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 sssd-ldap.5.xml:702 +#: sssd.conf.5.xml:687 sssd-ldap.5.xml:692 msgid "Default: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:651 +#: sssd.conf.5.xml:694 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:653 +#: sssd.conf.5.xml:696 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:701 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:704 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 sssd.conf.5.xml:679 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:722 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:672 +#: sssd.conf.5.xml:715 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:675 +#: sssd.conf.5.xml:718 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:685 +#: sssd.conf.5.xml:728 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:688 +#: sssd.conf.5.xml:731 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:693 +#: sssd.conf.5.xml:736 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -980,59 +1035,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 sssd.conf.5.xml:752 +#: sssd.conf.5.xml:742 sssd.conf.5.xml:795 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:705 +#: sssd.conf.5.xml:748 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:751 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:713 +#: sssd.conf.5.xml:756 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:716 +#: sssd.conf.5.xml:759 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:719 +#: sssd.conf.5.xml:762 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:723 +#: sssd.conf.5.xml:766 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:769 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:730 sssd.8.xml:63 +#: sssd.conf.5.xml:773 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:735 +#: sssd.conf.5.xml:778 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:738 +#: sssd.conf.5.xml:781 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1040,7 +1095,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:744 +#: sssd.conf.5.xml:787 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1049,17 +1104,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:758 +#: sssd.conf.5.xml:801 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:761 sssd.conf.5.xml:1235 +#: sssd.conf.5.xml:804 sssd.conf.5.xml:1292 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:807 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1067,31 +1122,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 sssd.conf.5.xml:1238 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1295 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:818 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 sssd.8.xml:79 +#: sssd.conf.5.xml:823 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:800 +#: sssd.conf.5.xml:843 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:845 #, fuzzy #| msgid "" #| "<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" @@ -1122,34 +1177,34 @@ msgstr "" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:862 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:822 +#: sssd.conf.5.xml:865 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:878 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:880 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:884 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:887 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1157,51 +1212,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:903 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:862 +#: sssd.conf.5.xml:905 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:866 +#: sssd.conf.5.xml:909 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:869 +#: sssd.conf.5.xml:912 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:921 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:881 +#: sssd.conf.5.xml:924 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:928 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:893 +#: sssd.conf.5.xml:936 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:938 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1213,7 +1268,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:904 +#: sssd.conf.5.xml:947 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1224,24 +1279,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:955 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:961 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:922 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:965 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:968 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1249,12 +1304,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:974 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:978 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1263,24 +1318,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:949 +#: sssd.conf.5.xml:992 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:999 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:1002 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 +#: sssd.conf.5.xml:1007 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1289,47 +1344,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1014 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:1018 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:981 +#: sssd.conf.5.xml:1024 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:984 +#: sssd.conf.5.xml:1027 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:988 +#: sssd.conf.5.xml:1031 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 +#: sssd.conf.5.xml:1034 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 sssd.conf.5.xml:1212 sssd.conf.5.xml:1321 -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1037 sssd.conf.5.xml:1269 sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1395 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1040 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1341,14 +1396,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1053 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1015 +#: sssd.conf.5.xml:1058 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1357,39 +1412,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1023 +#: sssd.conf.5.xml:1066 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1074 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1081 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1082 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1085 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1086 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1077 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -1398,24 +1453,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd-ldap.5.xml:1765 +#: sssd.conf.5.xml:1094 sssd-ldap.5.xml:1725 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1117 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1077 +#: sssd.conf.5.xml:1120 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1124 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -1426,137 +1481,150 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1094 +#: sssd.conf.5.xml:1137 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1100 +#: sssd.conf.5.xml:1143 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1103 +#: sssd.conf.5.xml:1146 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 sssd.conf.5.xml:1120 sssd.conf.5.xml:1133 -#: sssd.conf.5.xml:1146 sssd.conf.5.xml:1159 sssd.conf.5.xml:1173 +#: sssd.conf.5.xml:1150 sssd.conf.5.xml:1163 sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1202 sssd.conf.5.xml:1216 +#: sssd.conf.5.xml:1230 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1156 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1116 +#: sssd.conf.5.xml:1159 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1169 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1172 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1182 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1142 +#: sssd.conf.5.xml:1185 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1195 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1198 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1208 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1211 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1222 +msgid "entry_cache_ssh_host_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1225 +msgid "" +"How many seconds to keep a host ssh key after refresh. IE how long to cache " +"the host key for." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1236 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1239 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1187 +#: sssd.conf.5.xml:1244 msgid "Currently only refreshing expired netgroups is supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1248 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1195 sssd-ipa.5.xml:221 +#: sssd.conf.5.xml:1252 sssd-ipa.5.xml:221 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1201 +#: sssd.conf.5.xml:1258 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1261 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1208 +#: sssd.conf.5.xml:1265 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1217 +#: sssd.conf.5.xml:1274 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1220 +#: sssd.conf.5.xml:1277 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1565,17 +1633,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1284 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1232 +#: sssd.conf.5.xml:1289 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1243 +#: sssd.conf.5.xml:1300 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1584,33 +1652,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1307 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1256 +#: sssd.conf.5.xml:1313 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1259 +#: sssd.conf.5.xml:1316 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1320 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:1441 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 +#: sssd.conf.5.xml:1327 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1618,8 +1686,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 sssd.conf.5.xml:1364 sssd.conf.5.xml:1415 -#: sssd.conf.5.xml:1468 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1421 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1529 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1628,8 +1696,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1373 sssd.conf.5.xml:1424 -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1344 sssd.conf.5.xml:1430 sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1538 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1637,19 +1705,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1355 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1301 +#: sssd.conf.5.xml:1358 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1363 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1658,7 +1726,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1371 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -1666,17 +1734,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1326 +#: sssd.conf.5.xml:1383 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1329 +#: sssd.conf.5.xml:1386 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1332 +#: sssd.conf.5.xml:1389 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -1684,19 +1752,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1343 +#: sssd.conf.5.xml:1400 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1346 +#: sssd.conf.5.xml:1403 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1469 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1704,7 +1772,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1414 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1712,30 +1780,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1438 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1445 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1387 +#: sssd.conf.5.xml:1448 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1393 +#: sssd.conf.5.xml:1454 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1396 +#: sssd.conf.5.xml:1457 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1743,19 +1811,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1463 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1466 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1493 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1764,24 +1832,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1439 +#: sssd.conf.5.xml:1500 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1444 +#: sssd.conf.5.xml:1505 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1508 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1452 +#: sssd.conf.5.xml:1513 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1789,7 +1857,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1521 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1797,35 +1865,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1546 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1550 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1553 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1560 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1563 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1506 +#: sssd.conf.5.xml:1567 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1833,32 +1901,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1514 +#: sssd.conf.5.xml:1575 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1579 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1522 +#: sssd.conf.5.xml:1583 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1525 sssd.conf.5.xml:1594 sssd.conf.5.xml:1626 -#: sssd.conf.5.xml:1651 +#: sssd.conf.5.xml:1586 sssd.conf.5.xml:1655 sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1712 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1590 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -1869,12 +1937,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1607 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1610 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -1882,7 +1950,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1555 +#: sssd.conf.5.xml:1616 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1890,31 +1958,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1624 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1566 +#: sssd.conf.5.xml:1627 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1633 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1636 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1581 +#: sssd.conf.5.xml:1642 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1922,23 +1990,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1651 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 +#: sssd.conf.5.xml:1662 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 +#: sssd.conf.5.xml:1665 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1669 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1946,7 +2014,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1615 +#: sssd.conf.5.xml:1676 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1954,24 +2022,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 +#: sssd.conf.5.xml:1684 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1694 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1697 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1640 +#: sssd.conf.5.xml:1701 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1979,12 +2047,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1709 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 +#: sssd.conf.5.xml:1722 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -1994,7 +2062,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1731 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -2003,29 +2071,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1736 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1739 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1681 +#: sssd.conf.5.xml:1742 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1745 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1750 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -2033,7 +2101,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1695 +#: sssd.conf.5.xml:1756 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -2041,66 +2109,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1763 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1749 +#: sssd.conf.5.xml:1810 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1816 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1819 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1762 +#: sssd.conf.5.xml:1823 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1826 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1829 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1832 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1835 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1838 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1844 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1847 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -2108,62 +2176,95 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1792 sssd-ldap.5.xml:1196 sssd-ldap.5.xml:1238 -#: sssd-ldap.5.xml:1253 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1853 sssd-ldap.5.xml:1156 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1213 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1859 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1801 +#: sssd.conf.5.xml:1862 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1866 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1811 +#: sssd.conf.5.xml:1872 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1875 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1820 -msgid "case_sensitive (boolean)" +#: sssd.conf.5.xml:1881 +msgid "case_sensitive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1889 +msgid "True" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1892 +msgid "Case sensitive. This value is invalid for AD provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1898 +msgid "False" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1900 +msgid "Case insensitive." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1904 +msgid "Preserving" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1907 +msgid "" +"Same as False (case insensitive), but does not lowercase names in the output " +"of getpwnam and getgrnam." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1884 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." +"not supported in the local provider. Possible option values are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1828 sssd-ldap.5.xml:1020 sssd-ad.5.xml:397 -msgid "Default: True" +#: sssd.conf.5.xml:1916 +msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1922 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 +#: sssd.conf.5.xml:1925 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -2172,22 +2273,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1851 +#: sssd.conf.5.xml:1939 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1950 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1951 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1854 +#: sssd.conf.5.xml:1942 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -2197,29 +2298,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1956 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1960 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1877 +#: sssd.conf.5.xml:1965 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1880 +#: sssd.conf.5.xml:1968 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:994 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2227,29 +2328,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1893 +#: sssd.conf.5.xml:1981 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1896 +#: sssd.conf.5.xml:1984 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1899 +#: sssd.conf.5.xml:1987 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1995 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1998 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2257,19 +2358,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1977 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1922 +#: sssd.conf.5.xml:2010 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:2012 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2277,73 +2378,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1931 +#: sssd.conf.5.xml:2019 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:2022 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1938 +#: sssd.conf.5.xml:2026 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1943 +#: sssd.conf.5.xml:2031 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2034 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:2039 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1956 +#: sssd.conf.5.xml:2044 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2047 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1963 sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2051 sssd.conf.5.xml:2063 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1968 +#: sssd.conf.5.xml:2056 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:2059 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1980 +#: sssd.conf.5.xml:2068 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1983 +#: sssd.conf.5.xml:2071 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2351,17 +2452,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:2079 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:2084 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1999 +#: sssd.conf.5.xml:2087 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2370,17 +2471,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2009 +#: sssd.conf.5.xml:2097 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2102 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2105 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2388,17 +2489,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2112 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2117 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2032 +#: sssd.conf.5.xml:2120 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2406,18 +2507,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2126 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2048 sssd-ldap.5.xml:2489 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:552 sssd-ad.5.xml:447 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:2136 sssd-ldap.5.xml:2476 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:552 sssd-ad.5.xml:792 sssd-krb5.5.xml:519 +#: sss_rpcidmapd.5.xml:98 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2142 #, no-wrap msgid "" "[sssd]\n" @@ -2447,7 +2549,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2050 +#: sssd.conf.5.xml:2138 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2593,7 +2695,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:645 sssd-ad.5.xml:212 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:632 sssd-ad.5.xml:212 msgid "Examples:" msgstr "" @@ -2793,7 +2895,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:830 msgid "Default: gidNumber" msgstr "" @@ -2844,60 +2946,45 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:341 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:344 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:866 sssd-ldap.5.xml:1103 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:354 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:344 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:880 +#: sssd-ldap.5.xml:349 sssd-ldap.5.xml:857 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:369 +#: sssd-ldap.5.xml:356 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:890 sssd-ldap.5.xml:1112 +#: sssd-ldap.5.xml:359 sssd-ldap.5.xml:867 sssd-ldap.5.xml:1072 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:894 sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:363 sssd-ldap.5.xml:871 sssd-ldap.5.xml:1079 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:382 +#: sssd-ldap.5.xml:369 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:385 +#: sssd-ldap.5.xml:372 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2906,17 +2993,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:382 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:401 +#: sssd-ldap.5.xml:388 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:391 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2925,17 +3012,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:413 +#: sssd-ldap.5.xml:400 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:419 +#: sssd-ldap.5.xml:406 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:422 +#: sssd-ldap.5.xml:409 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2944,17 +3031,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 +#: sssd-ldap.5.xml:418 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 +#: sssd-ldap.5.xml:424 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 +#: sssd-ldap.5.xml:427 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2963,17 +3050,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 +#: sssd-ldap.5.xml:437 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 +#: sssd-ldap.5.xml:443 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 +#: sssd-ldap.5.xml:446 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2982,17 +3069,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:469 +#: sssd-ldap.5.xml:456 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:475 +#: sssd-ldap.5.xml:462 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:478 +#: sssd-ldap.5.xml:465 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -3001,17 +3088,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:488 +#: sssd-ldap.5.xml:475 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:494 +#: sssd-ldap.5.xml:481 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:497 +#: sssd-ldap.5.xml:484 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -3019,155 +3106,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 +#: sssd-ldap.5.xml:490 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:509 +#: sssd-ldap.5.xml:496 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:512 +#: sssd-ldap.5.xml:499 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:518 +#: sssd-ldap.5.xml:505 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:524 +#: sssd-ldap.5.xml:511 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:519 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:538 +#: sssd-ldap.5.xml:525 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:528 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:546 +#: sssd-ldap.5.xml:533 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:552 +#: sssd-ldap.5.xml:539 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:542 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:547 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:553 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:556 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:573 sssd-ldap.5.xml:587 +#: sssd-ldap.5.xml:560 sssd-ldap.5.xml:574 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:579 +#: sssd-ldap.5.xml:566 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:582 +#: sssd-ldap.5.xml:569 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:593 +#: sssd-ldap.5.xml:580 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:583 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:601 +#: sssd-ldap.5.xml:588 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:607 +#: sssd-ldap.5.xml:594 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:597 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:614 +#: sssd-ldap.5.xml:601 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:620 +#: sssd-ldap.5.xml:607 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:623 +#: sssd-ldap.5.xml:610 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:628 +#: sssd-ldap.5.xml:615 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -3177,7 +3264,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:625 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -3185,46 +3272,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 +#: sssd-ldap.5.xml:635 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:638 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:642 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:645 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:655 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:671 +#: sssd-ldap.5.xml:658 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:662 +msgid "Default: sshPublicKey" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:668 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:671 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -3233,24 +3325,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:694 +#: sssd-ldap.5.xml:684 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 +#: sssd-ldap.5.xml:687 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:698 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 +#: sssd-ldap.5.xml:701 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -3258,53 +3350,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:707 msgid "Setting this option to zero will disable the cache cleanup operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:721 -msgid "Default: 10800 (12 hours)" +#: sssd-ldap.5.xml:711 +msgid "Default: 10800 (3 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:727 +#: sssd-ldap.5.xml:717 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:730 +#: sssd-ldap.5.xml:720 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 sssd-ldap.5.xml:827 sssd-ldap.5.xml:1053 -#: sssd-ldap.5.xml:1144 sssd-ldap.5.xml:2084 sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:724 sssd-ldap.5.xml:817 sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1104 sssd-ldap.5.xml:2071 sssd-ldap.5.xml:2410 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:730 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:743 +#: sssd-ldap.5.xml:733 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:737 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:753 +#: sssd-ldap.5.xml:743 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:756 +#: sssd-ldap.5.xml:746 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -3312,14 +3404,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:763 +#: sssd-ldap.5.xml:753 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:758 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -3327,17 +3419,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:765 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:771 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:784 +#: sssd-ldap.5.xml:774 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -3345,14 +3437,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:790 +#: sssd-ldap.5.xml:780 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:785 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -3360,101 +3452,91 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:802 +#: sssd-ldap.5.xml:792 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:798 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 +#: sssd-ldap.5.xml:801 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:804 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:810 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:823 +#: sssd-ldap.5.xml:813 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:823 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:826 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:846 +#: sssd-ldap.5.xml:836 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:849 +#: sssd-ldap.5.xml:839 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:843 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:872 +#: sssd-ldap.5.xml:849 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:875 +#: sssd-ldap.5.xml:852 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:864 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:877 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:880 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:885 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -3462,17 +3544,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:914 +#: sssd-ldap.5.xml:891 msgid "Default: groupType in the AD provider, othewise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:921 +#: sssd-ldap.5.xml:898 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:924 +#: sssd-ldap.5.xml:901 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -3480,7 +3562,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:908 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -3490,7 +3572,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:940 +#: sssd-ldap.5.xml:917 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later it " @@ -3499,17 +3581,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:947 +#: sssd-ldap.5.xml:924 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:930 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:933 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3517,14 +3599,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:939 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 sssd-ldap.5.xml:994 +#: sssd-ldap.5.xml:944 sssd-ldap.5.xml:971 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3532,7 +3614,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:950 sssd-ldap.5.xml:977 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -3541,18 +3623,18 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 sssd-ldap.5.xml:1006 sssd-ldap.5.xml:1311 -#: sssd-ldap.5.xml:1332 sssd-ldap.5.xml:1838 include/ldap_id_mapping.xml:242 +#: sssd-ldap.5.xml:956 sssd-ldap.5.xml:983 sssd-ldap.5.xml:1271 +#: sssd-ldap.5.xml:1292 sssd-ldap.5.xml:1798 include/ldap_id_mapping.xml:242 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:985 +#: sssd-ldap.5.xml:962 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:988 +#: sssd-ldap.5.xml:965 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3560,184 +3642,173 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:989 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1015 +#: sssd-ldap.5.xml:992 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:997 sssd-ad.5.xml:742 sss_rpcidmapd.5.xml:76 +msgid "Default: True" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1003 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1006 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1009 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1013 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1019 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1045 +#: sssd-ldap.5.xml:1022 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1049 +#: sssd-ldap.5.xml:1026 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1059 +#: sssd-ldap.5.xml:1036 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1039 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 +#: sssd-ldap.5.xml:1043 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1047 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1053 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1056 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1116 +#: sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1076 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1086 +#: sssd-ldap.5.xml:1063 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1092 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1095 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1099 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1109 +#: sssd-ldap.5.xml:1069 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1088 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1091 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1097 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1100 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1110 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1113 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1117 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1123 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1166 +#: sssd-ldap.5.xml:1126 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1130 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1176 +#: sssd-ldap.5.xml:1136 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1141 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -3745,7 +3816,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1190 +#: sssd-ldap.5.xml:1150 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -3753,12 +3824,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1162 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1205 +#: sssd-ldap.5.xml:1165 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -3766,12 +3837,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1178 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1181 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -3782,12 +3853,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1204 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:1207 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -3795,12 +3866,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1219 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1262 +#: sssd-ldap.5.xml:1222 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -3809,34 +3880,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:1230 sssd-ldap.5.xml:2228 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1236 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1239 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1244 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1250 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1293 +#: sssd-ldap.5.xml:1253 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -3844,14 +3915,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1259 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1265 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -3859,17 +3930,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1277 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1280 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1323 +#: sssd-ldap.5.xml:1283 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -3879,12 +3950,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1298 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1301 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -3892,17 +3963,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1307 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1314 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1317 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -3910,13 +3981,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1323 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1327 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -3925,7 +3996,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1335 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -3933,26 +4004,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1348 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 +#: sssd-ldap.5.xml:1351 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1397 +#: sssd-ldap.5.xml:1357 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1361 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3960,7 +4031,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1368 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3968,7 +4039,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1374 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -3976,41 +4047,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1380 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1424 +#: sssd-ldap.5.xml:1384 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1390 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1393 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1438 sssd-ldap.5.xml:1456 sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1398 sssd-ldap.5.xml:1416 sssd-ldap.5.xml:1457 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1445 +#: sssd-ldap.5.xml:1405 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1408 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -4019,32 +4090,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1463 +#: sssd-ldap.5.xml:1423 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1466 +#: sssd-ldap.5.xml:1426 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1436 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1439 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1448 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1451 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -4052,24 +4123,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1504 +#: sssd-ldap.5.xml:1464 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1477 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1480 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -4077,17 +4148,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1486 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1496 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1499 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -4098,29 +4169,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1511 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1517 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1530 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1533 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -4129,17 +4200,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1541 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1547 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1590 +#: sssd-ldap.5.xml:1550 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -4147,49 +4218,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1556 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1562 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1565 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1570 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1576 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1619 +#: sssd-ldap.5.xml:1579 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1622 +#: sssd-ldap.5.xml:1582 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1628 +#: sssd-ldap.5.xml:1588 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1631 +#: sssd-ldap.5.xml:1591 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -4197,27 +4268,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1643 +#: sssd-ldap.5.xml:1603 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1606 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 sssd-ad.5.xml:383 +#: sssd-ldap.5.xml:1610 sssd-ad.5.xml:728 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 +#: sssd-ldap.5.xml:1619 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4229,7 +4300,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1671 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1631 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4237,7 +4308,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1636 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4245,39 +4316,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1645 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1688 +#: sssd-ldap.5.xml:1648 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1651 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1697 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1657 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1660 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1712 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1672 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1715 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1675 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4287,7 +4358,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1726 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1686 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4295,26 +4366,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1740 +#: sssd-ldap.5.xml:1700 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1703 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1708 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1753 +#: sssd-ldap.5.xml:1713 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4322,7 +4393,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1759 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4330,31 +4401,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1768 +#: sssd-ldap.5.xml:1728 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1736 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1739 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1743 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1788 +#: sssd-ldap.5.xml:1748 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4363,56 +4434,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1762 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 +#: sssd-ldap.5.xml:1765 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1809 +#: sssd-ldap.5.xml:1769 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1775 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1778 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1823 +#: sssd-ldap.5.xml:1783 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1789 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1792 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1804 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1847 +#: sssd-ldap.5.xml:1807 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4428,12 +4499,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1867 +#: sssd-ldap.5.xml:1827 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1870 +#: sssd-ldap.5.xml:1830 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4442,14 +4513,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1874 +#: sssd-ldap.5.xml:1834 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1839 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4458,24 +4529,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1887 sssd-ldap.5.xml:1944 +#: sssd-ldap.5.xml:1847 sssd-ldap.5.xml:1904 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1853 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1856 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:1860 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4483,19 +4554,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1907 +#: sssd-ldap.5.xml:1867 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1910 +#: sssd-ldap.5.xml:1870 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1875 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4504,7 +4575,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1922 +#: sssd-ldap.5.xml:1882 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4512,7 +4583,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1928 +#: sssd-ldap.5.xml:1888 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4521,7 +4592,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1897 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -4529,108 +4600,140 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1910 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1953 +#: sssd-ldap.5.xml:1913 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1917 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:1920 +msgid "" +"<emphasis>lockout</emphasis>: use account locking. If set, this option " +"denies access in case that ldap attribute 'pwdAccountLockedTime' is present " +"and has value of '000001010000Z'. Please see the option ldap_pwdlockout_dn." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1927 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1931 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1969 +#: sssd-ldap.5.xml:1936 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:1940 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1943 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1983 +#: sssd-ldap.5.xml:1950 +msgid "ldap_pwdlockout_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1953 +msgid "" +"This option specifies the DN of password policy entry on LDAP server. Please " +"note that absence of this option in sssd.conf in case of enabled account " +"lockout checking will yield access denied as ppolicy attributes on LDAP " +"server cannot be checked properly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1961 +msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1964 +msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1970 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:1973 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:1978 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:1982 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:1987 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2005 +#: sssd-ldap.5.xml:1992 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2010 +#: sssd-ldap.5.xml:1997 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2018 +#: sssd-ldap.5.xml:2005 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2008 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2012 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -4641,7 +4744,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2036 +#: sssd-ldap.5.xml:2023 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -4659,12 +4762,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2052 +#: sssd-ldap.5.xml:2039 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2054 +#: sssd-ldap.5.xml:2041 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -4672,208 +4775,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2052 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2055 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2071 +#: sssd-ldap.5.xml:2058 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2064 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2067 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2090 +#: sssd-ldap.5.xml:2077 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2080 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2097 +#: sssd-ldap.5.xml:2084 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2103 +#: sssd-ldap.5.xml:2090 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2093 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2111 +#: sssd-ldap.5.xml:2098 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2117 +#: sssd-ldap.5.xml:2104 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2120 +#: sssd-ldap.5.xml:2107 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2111 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2130 +#: sssd-ldap.5.xml:2117 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2133 +#: sssd-ldap.5.xml:2120 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2137 +#: sssd-ldap.5.xml:2124 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2143 +#: sssd-ldap.5.xml:2130 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2146 +#: sssd-ldap.5.xml:2133 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2150 +#: sssd-ldap.5.xml:2137 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2143 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2146 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2150 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2156 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2159 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2176 +#: sssd-ldap.5.xml:2163 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2182 +#: sssd-ldap.5.xml:2169 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2172 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2177 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2183 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2199 +#: sssd-ldap.5.xml:2186 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2203 +#: sssd-ldap.5.xml:2190 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:2196 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2199 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2204 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2209 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2215 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2218 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4881,101 +4984,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2237 +#: sssd-ldap.5.xml:2224 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2234 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2237 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2248 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2264 +#: sssd-ldap.5.xml:2251 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2256 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2315 -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2261 sssd-ldap.5.xml:2284 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2320 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2279 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2266 sssd-ldap.5.xml:2289 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2272 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2288 +#: sssd-ldap.5.xml:2275 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2293 +#: sssd-ldap.5.xml:2280 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2295 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2311 +#: sssd-ldap.5.xml:2298 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2326 +#: sssd-ldap.5.xml:2313 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2316 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2345 +#: sssd-ldap.5.xml:2332 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4984,91 +5087,91 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2342 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2344 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2350 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2366 +#: sssd-ldap.5.xml:2353 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2369 +#: sssd-ldap.5.xml:2356 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2376 +#: sssd-ldap.5.xml:2363 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2379 sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2392 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2369 sssd-ldap.5.xml:2396 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2376 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2379 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2382 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2402 +#: sssd-ldap.5.xml:2389 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2416 +#: sssd-ldap.5.xml:2403 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2419 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:2406 sssd-ldap.5.xml:2420 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2430 +#: sssd-ldap.5.xml:2417 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2437 +#: sssd-ldap.5.xml:2424 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2348 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -5077,37 +5180,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2434 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2441 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2459 +#: sssd-ldap.5.xml:2446 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2451 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2469 +#: sssd-ldap.5.xml:2456 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2461 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2449 +#: sssd-ldap.5.xml:2436 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -5115,7 +5218,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2491 +#: sssd-ldap.5.xml:2478 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -5123,7 +5226,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2484 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -5136,20 +5239,20 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2496 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 -#: sssd-ad.5.xml:455 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2483 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 +#: sssd-ad.5.xml:800 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2509 sssd_krb5_locator_plugin.8.xml:61 -#: sssd-simple.5.xml:148 sssd-ad.5.xml:470 sssd.8.xml:191 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2496 sssd_krb5_locator_plugin.8.xml:61 +#: sssd-simple.5.xml:148 sssd-ad.5.xml:815 sssd.8.xml:195 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2498 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5663,7 +5766,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:320 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:665 msgid "dyndns_update (boolean)" msgstr "" @@ -5678,7 +5781,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:334 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:679 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -5693,12 +5796,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:345 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:690 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:348 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:693 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -5719,12 +5822,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:359 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:704 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:362 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:707 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -5766,12 +5869,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:373 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:718 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:376 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:721 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -5779,12 +5882,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:389 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:734 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:392 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:737 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -5803,19 +5906,19 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:403 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:748 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:406 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:751 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:410 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:755 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -5909,7 +6012,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:359 sssd-ad.5.xml:776 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -5996,7 +6099,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 sssd-ad.5.xml:330 msgid "Default: 5 (seconds)" msgstr "" @@ -6450,9 +6553,372 @@ msgstr "" msgid "Default: permissive" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:320 +msgid "ad_gpo_cache_timeout (integer)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:323 msgid "" +"The amount of time between lookups of GPO policy files against the AD " +"server. This will reduce the latency and load on the AD server if there are " +"many access-control requests made in a short period." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:336 +msgid "ad_gpo_map_interactive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:339 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the InteractiveLogonRight and " +"DenyInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:354 +#, no-wrap +msgid "" +" ad_gpo_map_interactive = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:345 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>login</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:358 sssd-ad.5.xml:423 sssd-ad.5.xml:458 sssd-ad.5.xml:498 +#: sssd-ad.5.xml:559 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:362 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:367 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:372 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:377 +msgid "gdm-fingerprint" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:382 +msgid "gdm-password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:387 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:392 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:401 +msgid "ad_gpo_map_remote_interactive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:404 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the RemoteInteractiveLogonRight and " +"DenyRemoteInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:419 +#, no-wrap +msgid "" +" ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:410 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>sshd</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:427 +msgid "sshd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:436 +msgid "ad_gpo_map_network (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:439 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the NetworkLogonRight and " +"DenyNetworkLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:454 +#, no-wrap +msgid "" +" ad_gpo_map_network = +my_pam_service, -ftp\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>ftp</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:462 +msgid "ftp" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:467 +msgid "samba" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:476 +msgid "ad_gpo_map_batch (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:479 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " +"policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:494 +#, no-wrap +msgid "" +" ad_gpo_map_batch = +my_pam_service, -crond\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:485 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>crond</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:502 +msgid "crond" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:511 +msgid "ad_gpo_map_service (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:514 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the ServiceLogonRight and " +"DenyServiceLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:528 +#, no-wrap +msgid "" +" ad_gpo_map_service = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:520 sssd-ad.5.xml:585 +msgid "" +"It is possible to add a PAM service name to the default set by using <quote>" +"+service_name</quote>. Since the default set is empty, it is not possible " +"to remove a PAM service name from the default set. For example, in order to " +"add a custom pam service name (e.g. <quote>my_pam_service</quote>), you " +"would use the following configuration: <placeholder type=\"programlisting\" " +"id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:538 +msgid "ad_gpo_map_permit (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:541 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always granted, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:555 +#, no-wrap +msgid "" +" ad_gpo_map_permit = +my_pam_service, -sudo\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:546 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for unconditionally permitted " +"access (e.g. <quote>sudo</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:563 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:568 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:577 +msgid "ad_gpo_map_deny (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:580 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always denied, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:593 +#, no-wrap +msgid "" +" ad_gpo_map_deny = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:603 +msgid "ad_gpo_default_right (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:606 +msgid "" +"This option defines how access control is evaluated for PAM service names " +"that are not explicitly listed in one of the ad_gpo_map_* options. This " +"option can be set in two different manners. First, this option can be set to " +"use a default logon right. For example, if this option is set to " +"'interactive', it means that unmapped PAM service names will be processed " +"based on the InteractiveLogonRight and DenyInteractiveLogonRight policy " +"settings. Alternatively, this option can be set to either always permit or " +"always deny access for unmapped PAM service names." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:619 +msgid "Supported values for this option include:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:623 +msgid "interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:628 +msgid "remote_interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:633 +msgid "network" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:638 +msgid "batch" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:643 +msgid "service" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:648 +msgid "permit" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:653 +msgid "deny" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:659 +msgid "Default: deny" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:668 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -6462,29 +6928,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:353 +#: sssd-ad.5.xml:698 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:712 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:419 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:764 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:422 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:767 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:449 +#: sssd-ad.5.xml:794 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6492,7 +6958,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:456 +#: sssd-ad.5.xml:801 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -6507,7 +6973,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:476 +#: sssd-ad.5.xml:821 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6516,7 +6982,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:817 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -6524,10 +6990,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:482 +#: sssd-ad.5.xml:827 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " -"configured, the default access provider is <quote>permit</quote>." +"configured, the default access provider is <quote>permit</quote>. Please " +"note that if you configure an access provider other than <quote>ad</quote>, " +"you need to set all the connection parameters (such as LDAP URIs and " +"encryption details) manually." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> @@ -6903,24 +7372,27 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." +"Tells the SSSD to simulate offline operation for the duration of the " +"<quote>offline_timeout</quote> parameter. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 +#: sssd.8.xml:182 msgid "SIGUSR2" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 +#: sssd.8.xml:185 msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." +"Tells the SSSD to go online immediately. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 +#: sssd.8.xml:197 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -8100,13 +8572,41 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:162 +#, fuzzy +#| msgid "<option>-h</option>,<option>--help</option>" +msgid "" +"<option>-h</option>,<option>--ssh-host</option> <replaceable>hostname</" +"replaceable>" +msgstr "<option>-h</option>,<option>--help</option>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:167 +msgid "Invalidate SSH public keys of a specific host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:173 +#, fuzzy +#| msgid "<option>-h</option>,<option>--help</option>" +msgid "<option>-H</option>,<option>--ssh-hosts</option>" +msgstr "<option>-h</option>,<option>--help</option>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:177 +msgid "" +"Invalidate SSH public keys of all hosts. This option overrides invalidation " +"of SSH public keys of specific host if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:185 msgid "" "<option>-d</option>,<option>--domain</option> <replaceable>domain</" "replaceable>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_cache.8.xml:167 +#: sss_cache.8.xml:190 msgid "Restrict invalidation process only to a particular domain." msgstr "" @@ -8415,6 +8915,143 @@ msgstr "" msgid "Default: not set. Only the default set of POSIX attributes is allowed." msgstr "" +#. type: Content of: <reference><refentry><refentryinfo> +#: sss_rpcidmapd.5.xml:8 +msgid "" +"<productname>sss rpc.idmapd plugin</productname> <author> <firstname>Noam</" +"firstname> <surname>Meltzer</surname> <affiliation> <orgname>Primary Data " +"Inc.</orgname> </affiliation> <contrib>Developer (2013-2014)</contrib> </" +"author> <author> <firstname>Noam</firstname> <surname>Meltzer</surname> " +"<contrib>Developer (2014-)</contrib> <email>tsnoam@gmail.com</email> </" +"author>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_rpcidmapd.5.xml:26 sss_rpcidmapd.5.xml:32 +msgid "sss_rpcidmapd" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_rpcidmapd.5.xml:33 +msgid "sss plugin configuration directives for rpc.idmapd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:37 +msgid "CONFIGURATION FILE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:39 +msgid "" +"rpc.idmapd configuration file is usually found at <emphasis>/etc/idmapd." +"conf</emphasis>. See <citerefentry> <refentrytitle>idmapd.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more information." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:49 +msgid "SSS CONFIGURATION EXTENSION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:51 +msgid "Enable SSS plugin" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:53 +msgid "" +"In section <quote>[Translation]</quote>, modify/set <quote>Method</quote> " +"attribute to contain <emphasis>sss</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:59 +msgid "[sss] config section" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:61 +msgid "" +"In order to change the default of one of the configuration attributes of the " +"<emphasis>sss</emphasis> plugin listed below you will need to create a " +"config section for it, named <quote>[sss]</quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> +#: sss_rpcidmapd.5.xml:67 +msgid "Configuration attributes" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sss_rpcidmapd.5.xml:69 +msgid "memcache (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sss_rpcidmapd.5.xml:72 +msgid "Indicates whether or not to use memcache optimisation technique." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:85 +msgid "SSSD INTEGRATION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:87 +msgid "" +"The sss plugin requires the <emphasis>NSS Responder</emphasis> to be enabled " +"in sssd." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:91 +msgid "" +"The attribute <quote>use_fully_qualified_names</quote> must be enabled on " +"all domains (NFSv4 clients expect a fully qualified name to be sent on the " +"wire)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_rpcidmapd.5.xml:103 +#, no-wrap +msgid "" +"[General]\n" +"Verbosity = 2\n" +"# domain must be synced between NFSv4 server and clients\n" +"# Solaris/Illumos/AIX use \"localdomain\" as default!\n" +"Domain = default\n" +"\n" +"[Mapping]\n" +"Nobody-User = nfsnobody\n" +"Nobody-Group = nfsnobody\n" +"\n" +"[Translation]\n" +"Method = sss\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:100 +msgid "" +"The following example shows a minimal idmapd.conf which makes use of the sss " +"plugin. <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <refsect1><title> +#: sss_rpcidmapd.5.xml:120 include/seealso.xml:2 +msgid "SEE ALSO" +msgstr "VIZ TAKÉ" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:122 +msgid "" +"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>idmapd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>" +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 msgid "sss_ssh_authorizedkeys" @@ -9247,11 +9884,6 @@ msgid "" "local LDB storage to store users and groups." msgstr "" -#. type: Content of: <refsect1><title> -#: include/seealso.xml:2 -msgid "SEE ALSO" -msgstr "VIZ TAKÉ" - #. type: Content of: <refsect1><para> #: include/seealso.xml:4 msgid "" @@ -9292,7 +9924,9 @@ msgid "" "manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> " "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>. <citerefentry> " +"<refentrytitle>sss_rpcidmapd</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>" msgstr "" #. type: Content of: <listitem><para> diff --git a/src/man/po/de.po b/src/man/po/de.po index 694854b70..2c9a5158e 100644 --- a/src/man/po/de.po +++ b/src/man/po/de.po @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2014-07-09 19:18+0300\n" +"POT-Creation-Date: 2014-09-08 20:55+0300\n" "PO-Revision-Date: 2014-06-09 18:21+0000\n" "Last-Translator: Mario Blättermann <mario.blaettermann@gmail.com>\n" "Language-Team: German (http://www.transifex.com/projects/p/sssd/language/" @@ -28,8 +28,8 @@ msgstr "" #: sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 #: sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 #: sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5 -#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_ssh_authorizedkeys.1.xml:5 -#: sss_ssh_knownhostsproxy.1.xml:5 +#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_rpcidmapd.5.xml:5 +#: sss_ssh_authorizedkeys.1.xml:5 sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" msgstr "SSSD-Handbuchseiten" @@ -140,14 +140,14 @@ msgstr "sssd.conf" #. type: Content of: <reference><refentry><refmeta><manvolnum> #: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 #: sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11 -#: sssd-ifp.5.xml:11 +#: sssd-ifp.5.xml:11 sss_rpcidmapd.5.xml:27 msgid "5" msgstr "5" #. type: Content of: <reference><refentry><refmeta><refmiscinfo> #: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 #: sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12 -#: sssd-ifp.5.xml:12 +#: sssd-ifp.5.xml:12 sss_rpcidmapd.5.xml:28 msgid "File Formats and Conventions" msgstr "Dateiformate und Konventionen" @@ -257,11 +257,11 @@ msgid "Add a timestamp to the debug messages" msgstr "fügt den Debug-Nachrichten einen Zeitstempel hinzu" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:79 sssd.conf.5.xml:511 sssd.conf.5.xml:873 -#: sssd-ldap.5.xml:1637 sssd-ldap.5.xml:1734 sssd-ldap.5.xml:1796 -#: sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2320 sssd-ldap.5.xml:2338 +#: sssd.conf.5.xml:79 sssd.conf.5.xml:554 sssd.conf.5.xml:916 +#: sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1756 +#: sssd-ldap.5.xml:2242 sssd-ldap.5.xml:2307 sssd-ldap.5.xml:2325 #: sssd-ipa.5.xml:356 sssd-ipa.5.xml:391 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:339 sssd-ad.5.xml:428 sssd-krb5.5.xml:490 +#: sssd-ad.5.xml:684 sssd-ad.5.xml:773 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "Voreinstellung: »true«" @@ -276,16 +276,16 @@ msgid "Add microseconds to the timestamp in debug messages" msgstr "fügt dem Zeitstempel der Debug-Nachrichten Mikrosekunden hinzu" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:90 sssd.conf.5.xml:827 sssd.conf.5.xml:1845 -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:1511 sssd-ldap.5.xml:1530 -#: sssd-ldap.5.xml:1706 sssd-ldap.5.xml:2042 sssd-ipa.5.xml:139 +#: sssd.conf.5.xml:90 sssd.conf.5.xml:870 sssd.conf.5.xml:1933 +#: sssd-ldap.5.xml:678 sssd-ldap.5.xml:1471 sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1666 sssd-ldap.5.xml:2029 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:503 sssd-krb5.5.xml:257 #: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" msgstr "Voreinstellung: »false«" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2063 +#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2050 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -310,7 +310,7 @@ msgstr "" "Anfragen zu beantworten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1382 +#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1342 msgid "Default: 10" msgstr "Voreinstellung: 10" @@ -325,7 +325,7 @@ msgid "The [sssd] section" msgstr "Der Abschnitt [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:2017 msgid "Section parameters" msgstr "Abschnittsparameter" @@ -370,12 +370,12 @@ msgstr "" "\">, pac</phrase> <phrase condition=\"with_ifp\">, ifp</phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:161 sssd.conf.5.xml:345 +#: sssd.conf.5.xml:161 sssd.conf.5.xml:370 msgid "reconnection_retries (integer)" msgstr "reconnection_retries (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:164 sssd.conf.5.xml:348 +#: sssd.conf.5.xml:164 sssd.conf.5.xml:373 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" @@ -385,7 +385,7 @@ msgstr "" "startet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:353 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:378 msgid "Default: 3" msgstr "Voreinstellung: 3" @@ -411,7 +411,7 @@ msgstr "" "Gedankenstrichen und Unterstrichen bestehen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 sssd.conf.5.xml:1658 +#: sssd.conf.5.xml:189 sssd.conf.5.xml:1719 msgid "re_expression (string)" msgstr "re_expression (Zeichenkette)" @@ -438,12 +438,12 @@ msgstr "" "unter DOMAIN-ABSCHNITTE." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:206 sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:206 sssd.conf.5.xml:1770 msgid "full_name_format (string)" msgstr "full_name_format (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:209 sssd.conf.5.xml:1773 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -455,32 +455,32 @@ msgstr "" "zusammengestellt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:220 sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:220 sssd.conf.5.xml:1784 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:221 sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:221 sssd.conf.5.xml:1785 msgid "user name" msgstr "Benutzername" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:224 sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:224 sssd.conf.5.xml:1788 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:227 sssd.conf.5.xml:1730 +#: sssd.conf.5.xml:227 sssd.conf.5.xml:1791 msgid "domain name as specified in the SSSD config file." msgstr "Domain-Name, wie er durch die SSSD-Konfigurationsdatei angegeben wird" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:233 sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:233 sssd.conf.5.xml:1797 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:236 sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:236 sssd.conf.5.xml:1800 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -489,7 +489,7 @@ msgstr "" "direkt konfiguriert als auch über IPA-Trust" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:217 sssd.conf.5.xml:1781 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -620,12 +620,46 @@ msgstr "" "benutzer@domain.name verwenden müssen." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:319 sssd-ldap.5.xml:662 sssd-ldap.5.xml:1470 -#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1564 sssd-krb5.5.xml:401 -#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214 +#: sssd.conf.5.xml:319 sssd-ldap.5.xml:649 sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1442 sssd-ldap.5.xml:1524 sssd-ad.5.xml:532 +#: sssd-ad.5.xml:597 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203 +#: include/ldap_id_mapping.xml:214 msgid "Default: not set" msgstr "Voreinstellung: nicht gesetzt" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:324 +#, fuzzy +#| msgid "override_shell (string)" +msgid "override_space (string)" +msgstr "override_shell (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:327 +msgid "" +"This parameter will replace spaces (space bar) with the given character for " +"user and group names. e.g. (_). User name "john doe" will be " +""john_doe" This feature was added to help compatibility with shell " +"scripts that have difficulty handling spaces, due to the default field " +"separator in the shell." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:336 +msgid "" +"Please note it is a configuration error to use a replacement character that " +"might be used in user or group names. If a name contains the replacement " +"character SSSD tries to return the unmodified name but in general the result " +"of a lookup is undefined." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:344 +#, fuzzy +#| msgid "Default: not set, i.e. FAST is not used." +msgid "Default: not set (spaces will not be replaced)" +msgstr "Voreinstellung: nicht gesetzt, d.h. FAST wird nicht benutzt" + #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:126 msgid "" @@ -644,12 +678,12 @@ msgstr "" "verwendet. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:355 msgid "SERVICES SECTIONS" msgstr "DIENSTABSCHNITTE" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:332 +#: sssd.conf.5.xml:357 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -662,22 +696,22 @@ msgstr "" "Abschnitt zum Beispiel <quote>[nss]</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:364 msgid "General service configuration options" msgstr "Allgemeine Optionen zum Konfigurieren von Diensten" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:341 +#: sssd.conf.5.xml:366 msgid "These options can be used to configure any service." msgstr "Diese Optionen können zur Konfiguration jedes Dienstes benutzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:383 msgid "fd_limit" msgstr "fd_limit" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:361 +#: sssd.conf.5.xml:386 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -693,17 +727,17 @@ msgstr "" "Begrenzung in der »limit.conf« sein." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:370 +#: sssd.conf.5.xml:395 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "Voreinstellung: 8192 (oder die »harte« Begrenzung der »limit.conf«)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:375 +#: sssd.conf.5.xml:400 msgid "client_idle_timeout" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:378 +#: sssd.conf.5.xml:403 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -715,19 +749,19 @@ msgstr "" "des Systems blockiert werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:385 sssd.conf.5.xml:401 sssd.conf.5.xml:415 -#: sssd.conf.5.xml:632 sssd.conf.5.xml:792 sssd.conf.5.xml:1068 -#: sssd-ldap.5.xml:1212 +#: sssd.conf.5.xml:410 sssd.conf.5.xml:426 sssd.conf.5.xml:458 +#: sssd.conf.5.xml:675 sssd.conf.5.xml:835 sssd.conf.5.xml:1111 +#: sssd-ldap.5.xml:1172 msgid "Default: 60" msgstr "Voreinstellung: 60" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:415 sssd.conf.5.xml:1100 msgid "force_timeout (integer)" msgstr "force_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:393 sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1103 msgid "" "If a service is not responding to ping checks (see the <quote>timeout</" "quote> option), it is first sent the SIGTERM signal that instructs it to " @@ -742,29 +776,52 @@ msgstr "" "SIGKILL erzwingen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 +#: sssd.conf.5.xml:431 msgid "offline_timeout (integer)" msgstr "offline_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:409 +#: sssd.conf.5.xml:434 +msgid "" +"When SSSD switches to offline mode the amount of time before it tries to go " +"back online will increase based upon the time spent disconnected. This " +"value is in seconds and calculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:441 +#, fuzzy +#| msgid "offline_timeout (integer)" +msgid "offline_timeout + random_offset" +msgstr "offline_timeout (Ganzzahl)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:444 +msgid "" +"The random offset can increment up to 30 seconds. After each unsuccessful " +"attempt to go online, the new interval is recalculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:449 +msgid "new_interval = old_interval*2 + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:452 msgid "" -"If SSSD is in offline mode, and last attempt to go online was less than " -"number of seconds specified in this option ago, new requests for data will " -"not result in attempt to go online." +"Note that the maximum length of each interval is currently limited to one " +"hour. If the calculated length of new_interval is greater than an hour, it " +"will be forced to one hour." msgstr "" -"Falls sich SSSD im Offline-Modus befindet und der letzte Versuch, online zu " -"gehen, lag mehr als die Anzahl der in dieser Option angegebenen Sekunden " -"zurück, werden neue Datenanfragen nicht zu erneuten Versuchen, online zu " -"gehen." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:467 msgid "NSS configuration options" msgstr "NSS-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:426 +#: sssd.conf.5.xml:469 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" @@ -772,12 +829,12 @@ msgstr "" "benutzt werden" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:431 +#: sssd.conf.5.xml:474 msgid "enum_cache_timeout (integer)" msgstr "enum_cache_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:434 +#: sssd.conf.5.xml:477 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" @@ -786,17 +843,17 @@ msgstr "" "über alle Nutzer) zwischenspeichern?" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:481 msgid "Default: 120" msgstr "Voreinstellung: 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:443 +#: sssd.conf.5.xml:486 msgid "entry_cache_nowait_percentage (integer)" msgstr "entry_cache_nowait_percentage (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:446 +#: sssd.conf.5.xml:489 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -808,7 +865,7 @@ msgstr "" "werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:452 +#: sssd.conf.5.xml:495 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -825,7 +882,7 @@ msgstr "" "Zwischenspeicheraktualisierung zu warten." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:462 +#: sssd.conf.5.xml:505 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -838,17 +895,17 @@ msgstr "" "Sekunden senken. (0 schaltet diese Funktionalität aus.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:470 +#: sssd.conf.5.xml:513 msgid "Default: 50" msgstr "Voreinstellung: 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:518 msgid "entry_negative_timeout (integer)" msgstr "entry_negative_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:478 +#: sssd.conf.5.xml:521 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -860,17 +917,17 @@ msgstr "" "Backend erneut gefragt wird)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:484 sssd.conf.5.xml:851 +#: sssd.conf.5.xml:527 sssd.conf.5.xml:894 msgid "Default: 15" msgstr "Voreinstellung: 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:489 +#: sssd.conf.5.xml:532 msgid "filter_users, filter_groups (string)" msgstr "filter_users, filter_groups (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:492 +#: sssd.conf.5.xml:535 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set per-" @@ -883,17 +940,17 @@ msgstr "" "von einer bestimmten Domain herauszufiltern." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:499 +#: sssd.conf.5.xml:542 msgid "Default: root" msgstr "Voreinstellung: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:504 +#: sssd.conf.5.xml:547 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:507 +#: sssd.conf.5.xml:550 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -901,12 +958,12 @@ msgstr "" "setzen Sie diese Option auf »false«." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:561 msgid "fallback_homedir (string)" msgstr "fallback_homedir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:521 +#: sssd.conf.5.xml:564 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -915,7 +972,7 @@ msgstr "" "es nicht explizit durch den Datenanbieter der Domain angegeben wurde." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:569 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -923,7 +980,7 @@ msgstr "" "»override_homedir«." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:532 +#: sssd.conf.5.xml:575 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -933,24 +990,24 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:530 include/override_homedir.xml:51 +#: sssd.conf.5.xml:573 include/override_homedir.xml:51 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Beispiel: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:579 msgid "Default: not set (no substitution for unset home directories)" msgstr "" "Voreinstellung: nicht gesetzt (kein Ersetzen nicht gesetzter Home-" "Verzeichnisse)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:542 +#: sssd.conf.5.xml:585 msgid "override_shell (string)" msgstr "override_shell (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:545 +#: sssd.conf.5.xml:588 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -961,19 +1018,19 @@ msgstr "" "entweder im Abschnitt [nss] oder für jede Domain gesetzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 +#: sssd.conf.5.xml:594 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" "Voreinstellung: nicht gesetzt (SSSD wird den von LDAP erhaltenen Wert " "benutzen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:557 +#: sssd.conf.5.xml:600 msgid "allowed_shells (string)" msgstr "allowed_shells (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:560 +#: sssd.conf.5.xml:603 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -981,12 +1038,12 @@ msgstr "" "Reihenfolge der Auswertung ist:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:563 +#: sssd.conf.5.xml:606 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "1. Falls die Shell in »/etc/shells« vorhanden ist, wird sie benutzt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:567 +#: sssd.conf.5.xml:610 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." @@ -995,7 +1052,7 @@ msgstr "" "shells« steht, wird der Wert des Parameters »shell_fallback« verwendet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:572 +#: sssd.conf.5.xml:615 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." @@ -1004,13 +1061,13 @@ msgstr "" "steht, wird eine Nicht-Login-Shell benutzt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:577 +#: sssd.conf.5.xml:620 msgid "An empty string for shell is passed as-is to libc." msgstr "" "Eine leere Zeichenkette als Shell wird, so wie sie ist, an Libc übergeben." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:580 +#: sssd.conf.5.xml:623 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." @@ -1019,28 +1076,28 @@ msgstr "" "Fall einer neu installierten Shell ein Neustart von SSSD nötig ist." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:627 msgid "Default: Not set. The user shell is automatically used." msgstr "" "Voreinstellung: nicht gesetzt. Die Benutzer-Shell wird automatisch verwendet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:589 +#: sssd.conf.5.xml:632 msgid "vetoed_shells (string)" msgstr "vetoed_shells (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:592 +#: sssd.conf.5.xml:635 msgid "Replace any instance of these shells with the shell_fallback" msgstr "ersetzt jedwede Instanz dieser Shells durch die aus »shell_fallback«." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:597 +#: sssd.conf.5.xml:640 msgid "shell_fallback (string)" msgstr "shell_fallback (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:643 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" @@ -1048,17 +1105,17 @@ msgstr "" "auf dem Rechner installiert ist." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:604 +#: sssd.conf.5.xml:647 msgid "Default: /bin/sh" msgstr "Voreinstellung: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:652 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:655 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." @@ -1068,7 +1125,7 @@ msgstr "" "jede Domain gesetzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:618 +#: sssd.conf.5.xml:661 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" @@ -1078,12 +1135,12 @@ msgstr "" "Vernünftiges, üblicherweise /bin/sh, ersetzt.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:625 sssd.conf.5.xml:785 +#: sssd.conf.5.xml:668 sssd.conf.5.xml:828 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 sssd.conf.5.xml:788 +#: sssd.conf.5.xml:671 sssd.conf.5.xml:831 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1092,12 +1149,12 @@ msgstr "" "gültig erachtet wird." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:637 +#: sssd.conf.5.xml:680 msgid "memcache_timeout (int)" msgstr "memcache_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:640 +#: sssd.conf.5.xml:683 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" @@ -1106,17 +1163,17 @@ msgstr "" "Zwischenspeicher als gültig erachtet werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 sssd-ldap.5.xml:702 +#: sssd.conf.5.xml:687 sssd-ldap.5.xml:692 msgid "Default: 300" msgstr "Voreinstellung: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:651 +#: sssd.conf.5.xml:694 msgid "PAM configuration options" msgstr "PAM-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:653 +#: sssd.conf.5.xml:696 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1125,12 +1182,12 @@ msgstr "" "Authentication Module« (PAM) einzurichten." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:701 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:704 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1140,17 +1197,17 @@ msgstr "" "erfolgreichen Anmeldung)?" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 sssd.conf.5.xml:679 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:722 msgid "Default: 0 (No limit)" msgstr "Voreinstellung: 0 (unbegrenzt)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:672 +#: sssd.conf.5.xml:715 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:675 +#: sssd.conf.5.xml:718 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1159,12 +1216,12 @@ msgstr "" "Authentifizierungsanbieter offline ist?" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:685 +#: sssd.conf.5.xml:728 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:688 +#: sssd.conf.5.xml:731 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1174,7 +1231,7 @@ msgstr "" "Anmeldeversuch möglich ist." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:693 +#: sssd.conf.5.xml:736 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1186,17 +1243,17 @@ msgstr "" "Authentifizierung reaktivieren." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 sssd.conf.5.xml:752 +#: sssd.conf.5.xml:742 sssd.conf.5.xml:795 msgid "Default: 5" msgstr "Voreinstellung: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:705 +#: sssd.conf.5.xml:748 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:751 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1205,43 +1262,43 @@ msgstr "" "angezeigt werden. Je höher die Zahl, desto mehr Nachrichten werden angezeigt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:713 +#: sssd.conf.5.xml:756 msgid "Currently sssd supports the following values:" msgstr "Derzeit unterstützt SSSD folgende Werte:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:716 +#: sssd.conf.5.xml:759 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: keine Nachricht anzeigen" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:719 +#: sssd.conf.5.xml:762 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: nur wichtige Nachrichten anzeigen" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:723 +#: sssd.conf.5.xml:766 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: nur informative Nachrichten anzeigen" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:769 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: alle Nachrichten und Debug-Informationen anzeigen" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:730 sssd.8.xml:63 +#: sssd.conf.5.xml:773 sssd.8.xml:63 msgid "Default: 1" msgstr "Voreinstellung: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:735 +#: sssd.conf.5.xml:778 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:738 +#: sssd.conf.5.xml:781 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1253,7 +1310,7 @@ msgstr "" "den neusten Informationen erfolgt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:744 +#: sssd.conf.5.xml:787 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1267,17 +1324,17 @@ msgstr "" "viele Abfragen der Identitätsanbieter zu vermeiden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:758 +#: sssd.conf.5.xml:801 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:761 sssd.conf.5.xml:1235 +#: sssd.conf.5.xml:804 sssd.conf.5.xml:1292 msgid "Display a warning N days before the password expires." msgstr "zeigt N Tage vor Ablauf des Passworts eine Warnung an." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:807 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1288,7 +1345,7 @@ msgstr "" "SSSD keine Warnung anzeigen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 sssd.conf.5.xml:1238 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1295 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1298,7 +1355,7 @@ msgstr "" "automatisch angezeigt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:818 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." @@ -1307,17 +1364,17 @@ msgstr "" "emphasis> für eine bestimmte Domain außer Kraft gesetzt werden." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 sssd.8.xml:79 +#: sssd.conf.5.xml:823 sssd.8.xml:79 msgid "Default: 0" msgstr "Voreinstellung: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:800 +#: sssd.conf.5.xml:843 msgid "SUDO configuration options" msgstr "Sudo-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:845 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1335,12 +1392,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:862 msgid "sudo_timed (bool)" msgstr "sudo_timed (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:822 +#: sssd.conf.5.xml:865 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -1350,23 +1407,23 @@ msgstr "" "nicht." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:878 msgid "AUTOFS configuration options" msgstr "AUTOFS-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:880 msgid "These options can be used to configure the autofs service." msgstr "" "Diese Optionen können zum Konfigurieren des Dienstes »autofs« benutzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:884 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:887 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1377,23 +1434,23 @@ msgstr "" "nicht existierende), bevor das Backend erneut befragt wird." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:903 msgid "SSH configuration options" msgstr "SSH-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:862 +#: sssd.conf.5.xml:905 msgid "These options can be used to configure the SSH service." msgstr "" "Diese Optionen können zum Konfigurieren des SSH-Dienstes benutzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:866 +#: sssd.conf.5.xml:909 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:869 +#: sssd.conf.5.xml:912 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -1402,12 +1459,12 @@ msgstr "" "»known_hosts« zusammengemischt werden oder nicht." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:921 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:881 +#: sssd.conf.5.xml:924 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -1416,17 +1473,17 @@ msgstr "" "»known_hosts« behalten wird, bevor seine Rechnerschlüssel abgefragt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:928 msgid "Default: 180" msgstr "Voreinstellung: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:893 +#: sssd.conf.5.xml:936 msgid "PAC responder configuration options" msgstr "PAC-Responder-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:938 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1445,7 +1502,7 @@ msgstr "" "ausgewertet wurde, werden einige der folgenden Transaktionen durchgeführt:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:904 +#: sssd.conf.5.xml:947 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1463,7 +1520,7 @@ msgstr "" "werden." #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:955 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." @@ -1472,18 +1529,18 @@ msgstr "" "diesen Gruppen hinzugefügt." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:961 msgid "These options can be used to configure the PAC responder." msgstr "" "Diese Optionen können zur Konfiguration des PAC-Responders verwendet werden." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:922 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:965 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:968 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1494,14 +1551,14 @@ msgstr "" "beim Starten zu UIDs aufgelöst." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:974 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Voreinstellung: 0 (Nur dem Benutzer Root ist der Zugriff auf den PAC-" "Responder gestattet.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:978 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1514,17 +1571,17 @@ msgstr "" "der Liste der erlaubten UIDs auch die 0 hinzufügen." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:949 +#: sssd.conf.5.xml:992 msgid "DOMAIN SECTIONS" msgstr "DOMAIN-ABSCHNITTE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:999 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:1002 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -1533,7 +1590,7 @@ msgstr "" "enthält, der jenseits dieser Beschränkungen liegt, wird er ignoriert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 +#: sssd.conf.5.xml:1007 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1546,7 +1603,7 @@ msgstr "" "werden jene, die im Bereich liegen, wie erwartet gemeldet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1014 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." @@ -1555,17 +1612,17 @@ msgstr "" "den Zwischenspeicher und nicht nur ihre Rückgabe über Name oder ID." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:1018 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Voreinstellung: 1 für »min_id«, 0 (keine Beschränkung) für »max_id«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:981 +#: sssd.conf.5.xml:1024 msgid "enumerate (bool)" msgstr "enumerate (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:984 +#: sssd.conf.5.xml:1027 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" @@ -1574,23 +1631,23 @@ msgstr "" "der folgenden Werte haben:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:988 +#: sssd.conf.5.xml:1031 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = Benutzer und Gruppen werden aufgezählt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 +#: sssd.conf.5.xml:1034 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = keine Aufzählungen für diese Domain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 sssd.conf.5.xml:1212 sssd.conf.5.xml:1321 -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1037 sssd.conf.5.xml:1269 sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1395 msgid "Default: FALSE" msgstr "Voreinstellung: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1040 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1610,7 +1667,7 @@ msgstr "" "die Mitgliedschaften neu berechnet werden müssen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1053 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -1620,7 +1677,7 @@ msgstr "" "Ergebnisse zurück." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1015 +#: sssd.conf.5.xml:1058 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1635,7 +1692,7 @@ msgstr "" "benutzten »id_provider«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1023 +#: sssd.conf.5.xml:1066 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -1644,32 +1701,32 @@ msgstr "" "insbesondere in großen Umgebungen, nicht empfohlen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1074 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1081 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1082 msgid "All discovered trusted domains will be enumerated" msgstr "Alle entdeckten vertrauenswürdigen Domains werden aufgezählt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1085 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1086 msgid "No discovered trusted domains will be enumerated" msgstr "Keine der entdeckten vertrauenswürdigen Domains wird aufgezählt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1077 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -1683,17 +1740,17 @@ msgstr "" "Domains aktivieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd-ldap.5.xml:1765 +#: sssd.conf.5.xml:1094 sssd-ldap.5.xml:1725 msgid "Default: none" msgstr "Voreinstellung: none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1117 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1077 +#: sssd.conf.5.xml:1120 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -1702,7 +1759,7 @@ msgstr "" "soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1124 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -1720,17 +1777,17 @@ msgstr "" "wurden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1094 +#: sssd.conf.5.xml:1137 msgid "Default: 5400" msgstr "Voreinstellung: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1100 +#: sssd.conf.5.xml:1143 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1103 +#: sssd.conf.5.xml:1146 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -1739,18 +1796,19 @@ msgstr "" "betrachten soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 sssd.conf.5.xml:1120 sssd.conf.5.xml:1133 -#: sssd.conf.5.xml:1146 sssd.conf.5.xml:1159 sssd.conf.5.xml:1173 +#: sssd.conf.5.xml:1150 sssd.conf.5.xml:1163 sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1202 sssd.conf.5.xml:1216 +#: sssd.conf.5.xml:1230 msgid "Default: entry_cache_timeout" msgstr "Voreinstellung: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1156 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1116 +#: sssd.conf.5.xml:1159 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -1759,12 +1817,12 @@ msgstr "" "betrachten soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1169 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1172 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -1773,12 +1831,12 @@ msgstr "" "betrachten soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1182 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1142 +#: sssd.conf.5.xml:1185 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -1787,12 +1845,12 @@ msgstr "" "betrachten soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1195 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1198 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -1801,12 +1859,12 @@ msgstr "" "bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1208 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1211 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -1816,12 +1874,32 @@ msgstr "" "wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1222 +#, fuzzy +#| msgid "entry_cache_sudo_timeout (integer)" +msgid "entry_cache_ssh_host_timeout (integer)" +msgstr "entry_cache_sudo_timeout (Ganzzahl)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1225 +#, fuzzy +#| msgid "" +#| "How many seconds to keep a host in the managed known_hosts file after its " +#| "host keys were requested." +msgid "" +"How many seconds to keep a host ssh key after refresh. IE how long to cache " +"the host key for." +msgstr "" +"bestimmt, wie viele Sekunden lang ein Rechner in der verwalteten Datei " +"»known_hosts« behalten wird, bevor seine Rechnerschlüssel abgefragt werden." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1236 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1239 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." @@ -1831,50 +1909,50 @@ msgstr "" "abgelaufenen oder beinahe abgelaufenen Daten aktualisiert werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1187 +#: sssd.conf.5.xml:1244 msgid "Currently only refreshing expired netgroups is supported." msgstr "" "Derzeit wird lediglich die Aktualisierung abgelaufener Netzgruppen " "unterstützt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1248 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" "Sie können in Betracht ziehen, diesen Wert auf 3/4 * entry_cache_timeout zu " "setzen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1195 sssd-ipa.5.xml:221 +#: sssd.conf.5.xml:1252 sssd-ipa.5.xml:221 msgid "Default: 0 (disabled)" msgstr "Voreinstellung: 0 (deaktiviert)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1201 +#: sssd.conf.5.xml:1258 msgid "cache_credentials (bool)" msgstr "cache_credentials (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1261 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "bestimmt, ob auch Benutzerberechtigungen im lokalen LDB-Zwischenspeicher " "zwischengespeichert werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1208 +#: sssd.conf.5.xml:1265 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Benutzerberechtigungen werden in einem SHA512-Hash, nicht im Klartext " "gespeichert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1217 +#: sssd.conf.5.xml:1274 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1220 +#: sssd.conf.5.xml:1277 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1887,17 +1965,17 @@ msgstr "" "Parameters muss größer oder gleich »offline_credentials_expiration« sein." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1284 msgid "Default: 0 (unlimited)" msgstr "Voreinstellung: 0 (unbegrenzt)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1232 +#: sssd.conf.5.xml:1289 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1243 +#: sssd.conf.5.xml:1300 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1910,17 +1988,17 @@ msgstr "" "Authentifizierungsanbieter konfiguriert werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1307 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Voreinstellung: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1256 +#: sssd.conf.5.xml:1313 msgid "id_provider (string)" msgstr "id_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1259 +#: sssd.conf.5.xml:1316 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -1928,17 +2006,17 @@ msgstr "" "werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1320 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "»proxy«: unterstützt einen veralteten NSS-Anbieter." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:1441 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "»local«: SSSDs interner Anbieter für lokale Benutzer" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 +#: sssd.conf.5.xml:1327 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1949,8 +2027,8 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 sssd.conf.5.xml:1364 sssd.conf.5.xml:1415 -#: sssd.conf.5.xml:1468 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1421 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1529 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1963,8 +2041,8 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1373 sssd.conf.5.xml:1424 -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1344 sssd.conf.5.xml:1430 sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1538 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1976,12 +2054,12 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1355 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1301 +#: sssd.conf.5.xml:1358 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -1991,7 +2069,7 @@ msgstr "" "Benutzers, der an NSS gemeldet wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1363 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2005,7 +2083,7 @@ msgstr "" "test@LOCAL</command> würde ihn hingegen finden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1371 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2017,17 +2095,17 @@ msgstr "" "nicht voll qualifizierter Name angefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1326 +#: sssd.conf.5.xml:1383 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1329 +#: sssd.conf.5.xml:1386 msgid "Do not return group members for group lookups." msgstr "gibt beim Nachschlagen der Gruppe nicht die Gruppenmitglieder zurück." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1332 +#: sssd.conf.5.xml:1389 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2038,12 +2116,12 @@ msgstr "" "verarbeitet werden, werden die Gruppenmitglieder nicht zurückgegeben." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1343 +#: sssd.conf.5.xml:1400 msgid "auth_provider (string)" msgstr "auth_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1346 +#: sssd.conf.5.xml:1403 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -2052,7 +2130,7 @@ msgstr "" "Authentifizierungsanbieter werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1469 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2063,7 +2141,7 @@ msgstr "" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1414 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2075,19 +2153,19 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1438 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" "»proxy« zur Weitergabe der Authentifizierung an irgendein anderes PAM-Ziel" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1445 msgid "<quote>none</quote> disables authentication explicitly." msgstr "»none« deaktiviert explizit die Authentifizierung." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1387 +#: sssd.conf.5.xml:1448 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -2096,12 +2174,12 @@ msgstr "" "mit Authentifizierungsanfragen umgehen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1393 +#: sssd.conf.5.xml:1454 msgid "access_provider (string)" msgstr "access_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1396 +#: sssd.conf.5.xml:1457 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2112,7 +2190,7 @@ msgstr "" "Backends enthalten sind). Interne Spezialanbieter sind:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1463 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -2121,12 +2199,12 @@ msgstr "" "für eine lokale Domain." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1466 msgid "<quote>deny</quote> always deny access." msgstr "»deny« verweigert dem Zugriff immer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1493 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2139,17 +2217,17 @@ msgstr "" "simple</refentrytitle> <manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1439 +#: sssd.conf.5.xml:1500 msgid "Default: <quote>permit</quote>" msgstr "Voreinstellung: »permit«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1444 +#: sssd.conf.5.xml:1505 msgid "chpass_provider (string)" msgstr "chpass_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1508 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -2158,7 +2236,7 @@ msgstr "" "Folgende Anbieter von Passwortänderungen werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1452 +#: sssd.conf.5.xml:1513 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2170,7 +2248,7 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1521 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2182,19 +2260,19 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1546 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" "»proxy« zur Weitergabe der Passwortänderung an irgendein anderes PAM-Ziel" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1550 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "»none« verbietet explizit Passwortänderungen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1553 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -2203,19 +2281,19 @@ msgstr "" "kann mit Passwortänderungsanfragen umgehen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1560 msgid "sudo_provider (string)" msgstr "sudo_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1563 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "der für diese Domain benutzte Sudo-Anbieter. Folgende Sudo-Anbieter werden " "unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1506 +#: sssd.conf.5.xml:1567 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2226,7 +2304,7 @@ msgstr "" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1514 +#: sssd.conf.5.xml:1575 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." @@ -2235,7 +2313,7 @@ msgstr "" "Vorgabeeinstellungen für IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1579 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." @@ -2244,19 +2322,19 @@ msgstr "" "Vorgabeeinstellungen für AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1522 +#: sssd.conf.5.xml:1583 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "»none« deaktiviert explizit Sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1525 sssd.conf.5.xml:1594 sssd.conf.5.xml:1626 -#: sssd.conf.5.xml:1651 +#: sssd.conf.5.xml:1586 sssd.conf.5.xml:1655 sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1712 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Voreinstellung: Falls gesetzt, wird der Wert von »id_provider« benutzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1590 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2273,12 +2351,12 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1607 msgid "selinux_provider (string)" msgstr "selinux_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1610 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2289,7 +2367,7 @@ msgstr "" "Zugriffsanbieter beendet hat. Folgende SELinux-Anbieter werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1555 +#: sssd.conf.5.xml:1616 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2301,12 +2379,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1624 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "»none« verbietet explizit das Abholen von SELinux-Einstellungen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1566 +#: sssd.conf.5.xml:1627 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -2315,12 +2393,12 @@ msgstr "" "kann SELinux-Ladeanfragen handhaben." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1633 msgid "subdomains_provider (string)" msgstr "subdomains_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1636 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -2330,7 +2408,7 @@ msgstr "" "werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1581 +#: sssd.conf.5.xml:1642 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2342,17 +2420,17 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1651 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "»none« deaktiviert explizit das Abholen von Subdomains." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 +#: sssd.conf.5.xml:1662 msgid "autofs_provider (string)" msgstr "autofs_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 +#: sssd.conf.5.xml:1665 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -2360,7 +2438,7 @@ msgstr "" "»autofs« werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1669 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2372,7 +2450,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1615 +#: sssd.conf.5.xml:1676 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2384,17 +2462,17 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 +#: sssd.conf.5.xml:1684 msgid "<quote>none</quote> disables autofs explicitly." msgstr "»none« deaktiviert explizit »autofs«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1694 msgid "hostid_provider (string)" msgstr "hostid_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1697 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -2403,7 +2481,7 @@ msgstr "" "wird. Folgende Anbieter von »hostid« werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1640 +#: sssd.conf.5.xml:1701 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2415,12 +2493,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1709 msgid "<quote>none</quote> disables hostid explicitly." msgstr "»none« deaktiviert explizit »hostid«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 +#: sssd.conf.5.xml:1722 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -2435,7 +2513,7 @@ msgstr "" "(NetBIOS-) Namen der Domain entsprechen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1731 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -2447,22 +2525,22 @@ msgstr "" "P<Name>[^@\\\\]+)$))« " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1736 msgid "username" msgstr "Benutzername" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1739 msgid "username@domain.name" msgstr "Benutzername@Domain.Name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1681 +#: sssd.conf.5.xml:1742 msgid "domain\\username" msgstr "Domain\\Benutzername" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1745 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -2472,7 +2550,7 @@ msgstr "" "Windows-Domains zu ermöglichen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1750 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -2482,7 +2560,7 @@ msgstr "" "bedeutet »der Name ist alles bis zum »@«-Zeichen, die Domain alles danach«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1695 +#: sssd.conf.5.xml:1756 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -2494,7 +2572,7 @@ msgstr "" "eindeutig benannte Musterteile unterstützen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1763 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." @@ -2503,17 +2581,17 @@ msgstr "" "Beschriftungsmusterteile nur die Python-Syntax (?P<Name>)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1749 +#: sssd.conf.5.xml:1810 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Voreinstellung: »%1$s@%2$s«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1816 msgid "lookup_family_order (string)" msgstr "lookup_family_order (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1819 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -2521,46 +2599,46 @@ msgstr "" "ermöglicht es, die bei DNS-Abfragen zu bevorzugende Adressfamilie zu wählen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1762 +#: sssd.conf.5.xml:1823 msgid "Supported values:" msgstr "unterstützte Werte:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1826 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first: versucht die IPv4- und, falls dies fehlschlägt, die IPv6-Adresse " "nachzuschlagen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1829 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "ipv4_only: versucht, nur Rechnernamen zu IPv4-Adressen aufzulösen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1832 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first: versucht die IPv6- und, falls dies fehlschlägt, die IPv4-Adresse " "nachzuschlagen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1835 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "ipv6_only: versucht, nur Rechnernamen zu IPv6-Adressen aufzulösen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1838 msgid "Default: ipv4_first" msgstr "Voreinstellung: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1844 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1847 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -2572,18 +2650,18 @@ msgstr "" "Offline-Modus arbeiten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1792 sssd-ldap.5.xml:1196 sssd-ldap.5.xml:1238 -#: sssd-ldap.5.xml:1253 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1853 sssd-ldap.5.xml:1156 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1213 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "Voreinstellung: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1859 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1801 +#: sssd.conf.5.xml:1862 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -2592,46 +2670,87 @@ msgstr "" "DNS-Dienstabfrage an." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1866 msgid "Default: Use the domain part of machine's hostname" msgstr "Voreinstellung: Der Domain-Teil des Rechnernamens wird benutzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1811 +#: sssd.conf.5.xml:1872 msgid "override_gid (integer)" msgstr "override_gid (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1875 msgid "Override the primary GID value with the one specified." msgstr "überschreibt die Haupt-GID mit der angegebenen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1820 -msgid "case_sensitive (boolean)" +#: sssd.conf.5.xml:1881 +#, fuzzy +#| msgid "case_sensitive (boolean)" +msgid "case_sensitive (string)" msgstr "case_sensitive (Boolesch)" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1889 +msgid "True" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1892 +msgid "Case sensitive. This value is invalid for AD provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1898 +msgid "False" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1900 +msgid "Case insensitive." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1904 +msgid "Preserving" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1907 +msgid "" +"Same as False (case insensitive), but does not lowercase names in the output " +"of getpwnam and getgrnam." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1884 +#, fuzzy +#| msgid "" +#| "Treat user and group names as case sensitive. At the moment, this option " +#| "is not supported in the local provider." msgid "" "Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." +"not supported in the local provider. Possible option values are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" "berücksichtigt bei Benutzer- und Gruppennamen die Groß- und Kleinschreibung. " "Im Moment wird diese Option nicht vom lokalen Anbieter unterstützt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1828 sssd-ldap.5.xml:1020 sssd-ad.5.xml:397 -msgid "Default: True" -msgstr "Voreinstellung: True" +#: sssd.conf.5.xml:1916 +#, fuzzy +#| msgid "Default: false (AD provider: true)" +msgid "Default: True (False for AD provider)" +msgstr "Voreinstellung: falsch (AD-Anbieter: wahr)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1922 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 +#: sssd.conf.5.xml:1925 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -2645,22 +2764,22 @@ msgstr "" "veranlassen, die ID im Zwischenspeicher nachzuschlagen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1851 +#: sssd.conf.5.xml:1939 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1950 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1951 msgid "flat (NetBIOS) name of a subdomain." msgstr "flacher (NetBIOS-) Name einer Subdomain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1854 +#: sssd.conf.5.xml:1942 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -2675,7 +2794,7 @@ msgstr "" "verwendet werden. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1956 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -2683,17 +2802,17 @@ msgstr "" "überschrieben werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1960 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Voreinstellung: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1877 +#: sssd.conf.5.xml:1965 msgid "realmd_tags (string)" msgstr "realmd_tags (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1880 +#: sssd.conf.5.xml:1968 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" @@ -2701,7 +2820,7 @@ msgstr "" "Kennzeichnungen" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:994 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2713,17 +2832,17 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1893 +#: sssd.conf.5.xml:1981 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1896 +#: sssd.conf.5.xml:1984 msgid "The proxy target PAM proxies to." msgstr "das Proxy-Ziel, an das PAM weiterleitet" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1899 +#: sssd.conf.5.xml:1987 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -2733,12 +2852,12 @@ msgstr "" "hinzufügen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1995 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1998 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2749,7 +2868,7 @@ msgstr "" "$(libName)_$(function)«, zum Beispiel »_nss_files_getpwent«." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1977 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -2758,12 +2877,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1922 +#: sssd.conf.5.xml:2010 msgid "The local domain section" msgstr "Der Abschnitt lokale Domain" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:2012 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2774,29 +2893,29 @@ msgstr "" "<replaceable>ID_Anbieter=lokal</replaceable> benutzt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1931 +#: sssd.conf.5.xml:2019 msgid "default_shell (string)" msgstr "default_shell (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:2022 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "die Standard-Shell für Anwender, die mit den SSSD-Werkzeugen für den " "Benutzerbereich erstellt wurde." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1938 +#: sssd.conf.5.xml:2026 msgid "Default: <filename>/bin/bash</filename>" msgstr "Voreinstellung: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1943 +#: sssd.conf.5.xml:2031 msgid "base_directory (string)" msgstr "base_directory (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2034 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -2805,17 +2924,17 @@ msgstr "" "replaceable> und benutzen dies als Home-Verzeichnis." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:2039 msgid "Default: <filename>/home</filename>" msgstr "Voreinstellung: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1956 +#: sssd.conf.5.xml:2044 msgid "create_homedir (bool)" msgstr "create_homedir (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2047 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -2824,17 +2943,17 @@ msgstr "" "werden soll; kann auf der Befehlszeile überschrieben werden" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1963 sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2051 sssd.conf.5.xml:2063 msgid "Default: TRUE" msgstr "Voreinstellung: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1968 +#: sssd.conf.5.xml:2056 msgid "remove_homedir (bool)" msgstr "remove_homedir (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:2059 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -2843,12 +2962,12 @@ msgstr "" "entfernt werden soll; kann auf der Befehlszeile überschrieben werden" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1980 +#: sssd.conf.5.xml:2068 msgid "homedir_umask (integer)" msgstr "homedir_umask (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1983 +#: sssd.conf.5.xml:2071 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2859,17 +2978,17 @@ msgstr "" "Standardzugriffsrechte für ein neu erstelltes Home-Verzeichnis anzugeben." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:2079 msgid "Default: 077" msgstr "Voreinstellung: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:2084 msgid "skel_dir (string)" msgstr "skel_dir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1999 +#: sssd.conf.5.xml:2087 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2882,17 +3001,17 @@ msgstr "" "<manvolnum>8</manvolnum> </citerefentry> erstellt wird" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2009 +#: sssd.conf.5.xml:2097 msgid "Default: <filename>/etc/skel</filename>" msgstr "Voreinstellung: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2102 msgid "mail_dir (string)" msgstr "mail_dir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2105 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2903,17 +3022,17 @@ msgstr "" "wurde. Ist dies nicht angegeben wird ein Standardwert verwendet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2112 msgid "Default: <filename>/var/mail</filename>" msgstr "Voreinstellung: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2117 msgid "userdel_cmd (string)" msgstr "userdel_cmd (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2032 +#: sssd.conf.5.xml:2120 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2925,18 +3044,19 @@ msgstr "" "berücksichtigt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2126 msgid "Default: None, no command is run" msgstr "Voreinstellung: keine, es wird kein Befehl ausgeführt" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2048 sssd-ldap.5.xml:2489 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:552 sssd-ad.5.xml:447 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:2136 sssd-ldap.5.xml:2476 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:552 sssd-ad.5.xml:792 sssd-krb5.5.xml:519 +#: sss_rpcidmapd.5.xml:98 msgid "EXAMPLE" msgstr "BEISPIEL" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2142 #, no-wrap msgid "" "[sssd]\n" @@ -2990,7 +3110,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2050 +#: sssd.conf.5.xml:2138 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3177,7 +3297,7 @@ msgstr "" "rfc/rfc2254.txt spezifiziert, sein." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:645 sssd-ad.5.xml:212 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:632 sssd-ad.5.xml:212 msgid "Examples:" msgstr "Beispiele:" @@ -3406,7 +3526,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "das LDAP-Attribut, das zu der Hauptgruppen-ID des Benutzers gehört" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:830 msgid "Default: gidNumber" msgstr "Voreinstellung: gidNumber" @@ -3460,27 +3580,11 @@ msgstr "Voreinstellung: loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:341 -msgid "ldap_user_uuid (string)" -msgstr "ldap_user_uuid (Zeichenkette)" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:344 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" -"das LDAP-Attribut, das die UUID/GUID eines LDAP-Benutzerobjekts enthält" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:866 sssd-ldap.5.xml:1103 -msgid "Default: nsUniqueId" -msgstr "Voreinstellung: nsUniqueId" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:354 msgid "ldap_user_objectsid (string)" msgstr "ldap_user_objectsid (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:344 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." @@ -3489,19 +3593,19 @@ msgstr "" "Dies wird normalerweise nur für Active-Directory-Server benötigt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:880 +#: sssd-ldap.5.xml:349 sssd-ldap.5.xml:857 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" "Voreinstellung: objectSid für Active Directory, für andere Server nicht " "gesetzt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:369 +#: sssd-ldap.5.xml:356 msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:890 sssd-ldap.5.xml:1112 +#: sssd-ldap.5.xml:359 sssd-ldap.5.xml:867 sssd-ldap.5.xml:1072 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -3510,17 +3614,17 @@ msgstr "" "übergeordneten Objekt enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:894 sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:363 sssd-ldap.5.xml:871 sssd-ldap.5.xml:1079 msgid "Default: modifyTimestamp" msgstr "Voreinstellung: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:382 +#: sssd-ldap.5.xml:369 msgid "ldap_user_shadow_last_change (string)" msgstr "ldap_user_shadow_last_change (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:385 +#: sssd-ldap.5.xml:372 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3533,17 +3637,17 @@ msgstr "" "manvolnum> </citerefentry> (Datum der letzten Passwortänderung) gehört." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:382 msgid "Default: shadowLastChange" msgstr "Voreinstellung: shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:401 +#: sssd-ldap.5.xml:388 msgid "ldap_user_shadow_min (string)" msgstr "ldap_user_shadow_min (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:391 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3556,17 +3660,17 @@ msgstr "" "manvolnum> </citerefentry> (Mindestpasswortalter) gehört." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:413 +#: sssd-ldap.5.xml:400 msgid "Default: shadowMin" msgstr "Voreinstellung: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:419 +#: sssd-ldap.5.xml:406 msgid "ldap_user_shadow_max (string)" msgstr "ldap_user_shadow_max (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:422 +#: sssd-ldap.5.xml:409 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3579,17 +3683,17 @@ msgstr "" "manvolnum> </citerefentry> (maximales Passwortalter) gehört." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 +#: sssd-ldap.5.xml:418 msgid "Default: shadowMax" msgstr "Voreinstellung: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 +#: sssd-ldap.5.xml:424 msgid "ldap_user_shadow_warning (string)" msgstr "ldap_user_shadow_warning (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 +#: sssd-ldap.5.xml:427 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3602,17 +3706,17 @@ msgstr "" "manvolnum> </citerefentry> (Passwortwarnperiode) gehört." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 +#: sssd-ldap.5.xml:437 msgid "Default: shadowWarning" msgstr "Voreinstellung: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 +#: sssd-ldap.5.xml:443 msgid "ldap_user_shadow_inactive (string)" msgstr "ldap_user_shadow_inactive (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 +#: sssd-ldap.5.xml:446 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3625,17 +3729,17 @@ msgstr "" "manvolnum> </citerefentry> (Passwortinaktivitätsperiode) gehört." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:469 +#: sssd-ldap.5.xml:456 msgid "Default: shadowInactive" msgstr "Voreinstellung: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:475 +#: sssd-ldap.5.xml:462 msgid "ldap_user_shadow_expire (string)" msgstr "ldap_user_shadow_expire (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:478 +#: sssd-ldap.5.xml:465 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -3648,17 +3752,17 @@ msgstr "" "manvolnum> </citerefentry> (Ablaufdatum des Kontos) gehört." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:488 +#: sssd-ldap.5.xml:475 msgid "Default: shadowExpire" msgstr "Voreinstellung: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:494 +#: sssd-ldap.5.xml:481 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "ldap_user_krb_last_pwd_change (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:497 +#: sssd-ldap.5.xml:484 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -3669,17 +3773,17 @@ msgstr "" "Passwortänderung in Kerberos gespeichert sind." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 +#: sssd-ldap.5.xml:490 msgid "Default: krbLastPwdChange" msgstr "Voreinstellung: krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:509 +#: sssd-ldap.5.xml:496 msgid "ldap_user_krb_password_expiration (string)" msgstr "ldap_user_krb_password_expiration (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:512 +#: sssd-ldap.5.xml:499 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." @@ -3689,17 +3793,17 @@ msgstr "" "das aktuelle Passwort erlischt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:518 +#: sssd-ldap.5.xml:505 msgid "Default: krbPasswordExpiration" msgstr "Voreinstellung: krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:524 +#: sssd-ldap.5.xml:511 msgid "ldap_user_ad_account_expires (string)" msgstr "ldap_user_ad_account_expires (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." @@ -3709,17 +3813,17 @@ msgstr "" "Konto erlischt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:519 msgid "Default: accountExpires" msgstr "Voreinstellung: accountExpires" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:538 +#: sssd-ldap.5.xml:525 msgid "ldap_user_ad_user_account_control (string)" msgstr "ldap_user_ad_user_account_control (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:528 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." @@ -3729,17 +3833,17 @@ msgstr "" "Benutzerkontos gespeichert ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:546 +#: sssd-ldap.5.xml:533 msgid "Default: userAccountControl" msgstr "Voreinstellung: userAccountControl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:552 +#: sssd-ldap.5.xml:539 msgid "ldap_ns_account_lock (string)" msgstr "ldap_ns_account_lock (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:542 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." @@ -3748,17 +3852,17 @@ msgstr "" "legt dieser Parameter fest, ob Zugriff gewährt wird oder nicht." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:547 msgid "Default: nsAccountLock" msgstr "Voreinstellung: nsAccountLock" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:553 msgid "ldap_user_nds_login_disabled (string)" msgstr "ldap_user_nds_login_disabled (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:556 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." @@ -3767,17 +3871,17 @@ msgstr "" "fest, ob Zugriff gewährt wird oder nicht." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:573 sssd-ldap.5.xml:587 +#: sssd-ldap.5.xml:560 sssd-ldap.5.xml:574 msgid "Default: loginDisabled" msgstr "Voreinstellung: loginDisabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:579 +#: sssd-ldap.5.xml:566 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "ldap_user_nds_login_expiration_time (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:582 +#: sssd-ldap.5.xml:569 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." @@ -3786,12 +3890,12 @@ msgstr "" "fest, bis zu welchem Datum Zugriff gewährt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:593 +#: sssd-ldap.5.xml:580 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "ldap_user_nds_login_allowed_time_map (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:583 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." @@ -3800,17 +3904,17 @@ msgstr "" "Stunden eines Wochentages fest, in denen Zugriff gewährt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:601 +#: sssd-ldap.5.xml:588 msgid "Default: loginAllowedTimeMap" msgstr "Voreinstellung: loginAllowedTimeMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:607 +#: sssd-ldap.5.xml:594 msgid "ldap_user_principal (string)" msgstr "ldap_user_principal (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:597 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." @@ -3819,17 +3923,17 @@ msgstr "" "Hauptbenutzername) enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:614 +#: sssd-ldap.5.xml:601 msgid "Default: krbPrincipalName" msgstr "Voreinstellung: krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:620 +#: sssd-ldap.5.xml:607 msgid "ldap_user_extra_attrs (string)" msgstr "ldap_user_extra_attrs (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:623 +#: sssd-ldap.5.xml:610 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." @@ -3838,7 +3942,7 @@ msgstr "" "üblichen Benutzerattributen holen soll." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:628 +#: sssd-ldap.5.xml:615 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -3855,7 +3959,7 @@ msgstr "" "unterschiedlichen LDAP-Schemata eingerichtet sind." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:625 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -3867,12 +3971,12 @@ msgstr "" "verwendet wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 +#: sssd-ldap.5.xml:635 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "ldap_user_extra_attrs = telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:638 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." @@ -3881,12 +3985,12 @@ msgstr "" "<quote>telephoneNumber</quote> im Zwischenspeicher." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:642 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "ldap_user_extra_attrs = phone:telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:645 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." @@ -3895,23 +3999,30 @@ msgstr "" "<quote>phone</quote> im Zwischenspeicher." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:655 msgid "ldap_user_ssh_public_key (string)" msgstr "ldap_user_ssh_public_key (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:671 +#: sssd-ldap.5.xml:658 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" "das LDAP-Attribut, das die öffentlichen SSH-Schlüssel des Benutzers enthält" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:662 +#, fuzzy +#| msgid "Default: sudoRole" +msgid "Default: sshPublicKey" +msgstr "Voreinstellung: sudoRole" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:668 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:671 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -3924,12 +4035,12 @@ msgstr "" "ungleich Null, falls Sie einen Realm in Großbuchstaben wünschen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:694 +#: sssd-ldap.5.xml:684 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 +#: sssd-ldap.5.xml:687 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -3938,12 +4049,12 @@ msgstr "" "Zwischenspeicher aufgezählter Datensätze aktualisiert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:698 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 +#: sssd-ldap.5.xml:701 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -3954,56 +4065,58 @@ msgstr "" "haben) und diese entfernt werden, um Platz zu sparen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:707 msgid "Setting this option to zero will disable the cache cleanup operation." msgstr "" "Wird diese Option auf null gesetzt, wird das Aufräumen des Zwischenspeichers " "deaktiviert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:721 -msgid "Default: 10800 (12 hours)" +#: sssd-ldap.5.xml:711 +#, fuzzy +#| msgid "Default: 10800 (12 hours)" +msgid "Default: 10800 (3 hours)" msgstr "Voreinstellung: 10800 (12 Stunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:727 +#: sssd-ldap.5.xml:717 msgid "ldap_user_fullname (string)" msgstr "ldap_user_fullname (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:730 +#: sssd-ldap.5.xml:720 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "das LDAP-Attribut, das dem vollständigen Benutzernamen entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 sssd-ldap.5.xml:827 sssd-ldap.5.xml:1053 -#: sssd-ldap.5.xml:1144 sssd-ldap.5.xml:2084 sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:724 sssd-ldap.5.xml:817 sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1104 sssd-ldap.5.xml:2071 sssd-ldap.5.xml:2410 msgid "Default: cn" msgstr "Voreinstellung: cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:730 msgid "ldap_user_member_of (string)" msgstr "ldap_user_member_of (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:743 +#: sssd-ldap.5.xml:733 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" "das LDAP-Attribut, das die Gruppenmitgliedschaften des Benutzers aufführt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:737 msgid "Default: memberOf" msgstr "Voreinstellung: memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:753 +#: sssd-ldap.5.xml:743 msgid "ldap_user_authorized_service (string)" msgstr "ldap_user_authorized_service (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:756 +#: sssd-ldap.5.xml:746 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -4014,7 +4127,7 @@ msgstr "" "im LDAP-Eintrag den Benutzers nutzen, um die Zugriffsrechte zu bestimmen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:763 +#: sssd-ldap.5.xml:753 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." @@ -4023,7 +4136,7 @@ msgstr "" "SSSD eine explizite Erlaubnis (»svc«) und zuletzt nach »allow_all« (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:758 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -4034,17 +4147,17 @@ msgstr "" "»ldap_user_authorized_service« funktioniert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:765 msgid "Default: authorizedService" msgstr "Voreinstellung: authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:771 msgid "ldap_user_authorized_host (string)" msgstr "ldap_user_authorized_host (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:784 +#: sssd-ldap.5.xml:774 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -4055,7 +4168,7 @@ msgstr "" "verwenden, um die Zugriffsrechte zu bestimmen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:790 +#: sssd-ldap.5.xml:780 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." @@ -4064,7 +4177,7 @@ msgstr "" "SSSD eine explizite Erlaubnis (»host«) und zuletzt nach »allow_all« (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:785 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -4075,77 +4188,67 @@ msgstr "" "»ldap_user_authorized_host« funktioniert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:802 +#: sssd-ldap.5.xml:792 msgid "Default: host" msgstr "Voreinstellung: host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:798 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 +#: sssd-ldap.5.xml:801 msgid "The object class of a group entry in LDAP." msgstr "die Objektklasse eines Gruppeneintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:804 msgid "Default: posixGroup" msgstr "Voreinstellung: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:810 msgid "ldap_group_name (string)" msgstr "ldap_group_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:823 +#: sssd-ldap.5.xml:813 msgid "The LDAP attribute that corresponds to the group name." msgstr "das LDAP-Attribut, das dem Gruppennamen entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:823 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:826 msgid "The LDAP attribute that corresponds to the group's id." msgstr "das LDAP-Attribut, das der Gruppen-ID entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:846 +#: sssd-ldap.5.xml:836 msgid "ldap_group_member (string)" msgstr "ldap_group_member (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:849 +#: sssd-ldap.5.xml:839 msgid "The LDAP attribute that contains the names of the group's members." msgstr "das LDAP-Attribut, das die Namen der Gruppenmitglieder enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:843 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "Voreinstellung: memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 -msgid "ldap_group_uuid (string)" -msgstr "ldap_group_uuid (Zeichenkette)" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "das LDAP-Attribut, das die UUID/GUID eines LDAP-Gruppenobjekts enthält" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:872 +#: sssd-ldap.5.xml:849 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:875 +#: sssd-ldap.5.xml:852 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." @@ -4154,17 +4257,17 @@ msgstr "" "wird normalerweise nur für Active-Directory-Server benötigt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:864 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:877 msgid "ldap_group_type (integer)" msgstr "ldap_group_type (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:880 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." @@ -4173,7 +4276,7 @@ msgstr "" "eventuell weitere Flags enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:885 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4184,17 +4287,17 @@ msgstr "" "Domains herausgefiltert werden sollte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:914 +#: sssd-ldap.5.xml:891 msgid "Default: groupType in the AD provider, othewise not set" msgstr "Voreinstellung: groupType im AD-Anbieter, anderenfalls nicht gesetzt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:921 +#: sssd-ldap.5.xml:898 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:924 +#: sssd-ldap.5.xml:901 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4206,7 +4309,7 @@ msgstr "" "das Schema RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:908 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4223,7 +4326,7 @@ msgstr "" "erfolgt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:940 +#: sssd-ldap.5.xml:917 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later it " @@ -4237,17 +4340,17 @@ msgstr "" "auf »falsch« gesetzt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:947 +#: sssd-ldap.5.xml:924 msgid "Default: 2" msgstr "Voreinstellung: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:930 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "ldap_groups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:933 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -4259,7 +4362,7 @@ msgstr "" "beschleunigen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:939 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." @@ -4269,7 +4372,7 @@ msgstr "" "Leistungssteigerung." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 sssd-ldap.5.xml:994 +#: sssd-ldap.5.xml:944 sssd-ldap.5.xml:971 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -4280,7 +4383,7 @@ msgstr "" "»True« eigentlich »auto-detect«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:950 sssd-ldap.5.xml:977 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -4293,18 +4396,18 @@ msgstr "" "aa746475%28v=vs.85%29.aspx\"> MSDN™-Dokumentation</ulink>." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 sssd-ldap.5.xml:1006 sssd-ldap.5.xml:1311 -#: sssd-ldap.5.xml:1332 sssd-ldap.5.xml:1838 include/ldap_id_mapping.xml:242 +#: sssd-ldap.5.xml:956 sssd-ldap.5.xml:983 sssd-ldap.5.xml:1271 +#: sssd-ldap.5.xml:1292 sssd-ldap.5.xml:1798 include/ldap_id_mapping.xml:242 msgid "Default: False" msgstr "Voreinstellung: False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:985 +#: sssd-ldap.5.xml:962 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "ldap_initgroups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:988 +#: sssd-ldap.5.xml:965 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -4316,12 +4419,12 @@ msgstr "" "verschachtelten Gruppen)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:989 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1015 +#: sssd-ldap.5.xml:992 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." @@ -4330,72 +4433,77 @@ msgstr "" "Attributs, wenn »initgroup« für Benutzers des Active Directory Servers 2008 " "und neuere Versionen ausgeführt wird." +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:997 sssd-ad.5.xml:742 sss_rpcidmapd.5.xml:76 +msgid "Default: True" +msgstr "Voreinstellung: True" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1003 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1006 msgid "The object class of a netgroup entry in LDAP." msgstr "die Objektklasse eines Netzgruppeneintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1009 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" "Beim IPA-Anbieter sollte stattdessen »ipa_netgroup_object_class« benutzt " "werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1013 msgid "Default: nisNetgroup" msgstr "Voreinstellung: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1019 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1045 +#: sssd-ldap.5.xml:1022 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "das LDAP-Attribut, das dem Netzgruppennamen entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1049 +#: sssd-ldap.5.xml:1026 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" "Beim IPA-Anbieter sollte stattdessen »ipa_netgroup_name« benutzt werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1059 +#: sssd-ldap.5.xml:1036 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1039 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "das LDAP-Attribut, das die Namen der Netzgruppenmitglieder enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 +#: sssd-ldap.5.xml:1043 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" "Beim IPA-Anbieter sollte stattdessen »ipa_netgroup_member« benutzt werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1047 msgid "Default: memberNisNetgroup" msgstr "Voreinstellung: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1053 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1056 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" @@ -4403,60 +4511,42 @@ msgstr "" "enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1116 +#: sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1076 msgid "This option is not available in IPA provider." msgstr "Diese Option ist für IPA-Anbieter nicht verfügbar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1086 +#: sssd-ldap.5.xml:1063 msgid "Default: nisNetgroupTriple" msgstr "Voreinstellung: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1092 -msgid "ldap_netgroup_uuid (string)" -msgstr "ldap_netgroup_uuid (Zeichenkette)" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1095 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" -"das LDAP-Attribut, das die UUID/GUID eines LDAP-Netzgruppenobjekts enthält" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1099 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" -"Beim IPA-Anbieter sollte stattdessen »ipa_netgroup_member« benutzt werden." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1109 +#: sssd-ldap.5.xml:1069 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_object_class (string)" msgstr "ldap_service_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1088 msgid "The object class of a service entry in LDAP." msgstr "die Objektklasse eines Diensteintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1091 msgid "Default: ipService" msgstr "Voreinstellung: ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1097 msgid "ldap_service_name (string)" msgstr "ldap_service_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1100 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." @@ -4464,49 +4554,49 @@ msgstr "" "das LDAP-Attribut, das die Namen von Dienstattributen und ihre Alias enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1110 msgid "ldap_service_port (string)" msgstr "ldap_service_port (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1113 msgid "The LDAP attribute that contains the port managed by this service." msgstr "das LDAP-Attribut, das den von diesem Dienst verwalteten Port enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1117 msgid "Default: ipServicePort" msgstr "Voreinstellung: ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1123 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1166 +#: sssd-ldap.5.xml:1126 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" "das LDAP-Attribut, das die von diesem Dienst verstandenen Protokolle enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1130 msgid "Default: ipServiceProtocol" msgstr "Voreinstellung: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1176 +#: sssd-ldap.5.xml:1136 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1141 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -4517,7 +4607,7 @@ msgstr "" "Ergebnisse zurückgegeben werden (und in den Offline-Modus gegangen wird)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1190 +#: sssd-ldap.5.xml:1150 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -4528,12 +4618,12 @@ msgstr "" "Zeitüberschreitungspunkten für spezielle Nachschlagetypen ersetzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1162 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1205 +#: sssd-ldap.5.xml:1165 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -4545,12 +4635,12 @@ msgstr "" "(und in den Offline-Modus gegangen wird)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1178 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1181 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -4567,12 +4657,12 @@ msgstr "" "citerefentry> zurückkehrt, falls keine Aktivität stattfindet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1204 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:1207 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -4584,12 +4674,12 @@ msgstr "" "SASL-Bind mit der Schlüsselverwaltungszentrale (KDC) kommuniziert wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1219 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1262 +#: sssd-ldap.5.xml:1222 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -4603,17 +4693,17 @@ msgstr "" "Lebensdauer) verwendet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:1230 sssd-ldap.5.xml:2228 msgid "Default: 900 (15 minutes)" msgstr "Voreinstellung: 900 (15 Minuten)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1236 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1239 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -4623,17 +4713,17 @@ msgstr "" "pro Anfrage." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1244 msgid "Default: 1000" msgstr "Voreinstellung: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1250 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1293 +#: sssd-ldap.5.xml:1253 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -4645,7 +4735,7 @@ msgstr "" "deaktiviert ist oder sich nicht ordnungsgemäß verhält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1259 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -4655,7 +4745,7 @@ msgstr "" "aber nicht in der Lage, es zu benutzen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1265 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -4667,17 +4757,17 @@ msgstr "" "abgelehnt werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1277 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1280 msgid "Disable Active Directory range retrieval." msgstr "deaktiviert die Bereichsabfrage von Active Directory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1323 +#: sssd-ldap.5.xml:1283 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -4693,12 +4783,12 @@ msgstr "" "es so aussehen, als ob große Gruppen keine Mitglieder hätten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1298 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1301 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -4709,19 +4799,19 @@ msgstr "" "Werte dieser Option werden durch OpenLDAP definiert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1307 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Voreinstellung: verwendet die Voreinstellungen des System (normalerweise in " "»ldap.conf« angegeben)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1314 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1317 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -4733,7 +4823,7 @@ msgstr "" "nachgeschlagen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1323 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" @@ -4741,7 +4831,7 @@ msgstr "" "den Wert auf 0 setzen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1327 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -4754,7 +4844,7 @@ msgstr "" "unterstützten Server sind 389/RHDS, OpenLDAP und Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1335 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -4765,12 +4855,12 @@ msgstr "" "Nachschlagen ohne Rücksicht auf die Einstellung deaktiviert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1348 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 +#: sssd-ldap.5.xml:1351 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -4780,7 +4870,7 @@ msgstr "" "Werte angegeben werden:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1397 +#: sssd-ldap.5.xml:1357 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -4789,7 +4879,7 @@ msgstr "" "oder anfordern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1361 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -4801,7 +4891,7 @@ msgstr "" "Sitzung fährt normal fort." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1368 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -4812,7 +4902,7 @@ msgstr "" "ungültiges Zertifikat bereitgestellt wird, wird die Sitzung sofort beendet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1374 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -4823,22 +4913,22 @@ msgstr "" "sofort beendet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1380 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = entspricht »demand«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1424 +#: sssd-ldap.5.xml:1384 msgid "Default: hard" msgstr "Voreinstellung: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1390 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1393 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -4847,7 +4937,7 @@ msgstr "" "die <command>sssd</command> erkennen wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1438 sssd-ldap.5.xml:1456 sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1398 sssd-ldap.5.xml:1416 sssd-ldap.5.xml:1457 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -4856,12 +4946,12 @@ msgstr "" "<filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1445 +#: sssd-ldap.5.xml:1405 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1408 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -4875,33 +4965,33 @@ msgstr "" "Erstellen der korrekten Namen verwendet werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1463 +#: sssd-ldap.5.xml:1423 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1466 +#: sssd-ldap.5.xml:1426 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" "gibt die Datei an, die das Zertifikat für den Schlüssel des Clients enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1436 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1439 msgid "Specifies the file that contains the client's key." msgstr "gibt die Datei an, die den Schlüssel des Clients enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1448 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1451 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -4913,12 +5003,12 @@ msgstr "" "manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1504 +#: sssd-ldap.5.xml:1464 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -4927,12 +5017,12 @@ msgstr "" "\">tls</systemitem> benutzen muss, um den Kanal abzusichern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1477 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1480 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -4944,19 +5034,19 @@ msgstr "" "verlassen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1486 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "Derzeit unterstützt diese Funktionalität nur das Abbilden von Active-" "Directory-ObjectSIDs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1496 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "ldap_min_id, ldap_max_id (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1499 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -4975,17 +5065,17 @@ msgstr "" "Abbildung von IDs wählen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1511 msgid "Default: not set (both options are set to 0)" msgstr "Voreinstellung: nicht gesetzt (beide Optionen sind auf 0 gesetzt)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1517 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -4994,12 +5084,12 @@ msgstr "" "GSSAPI getestet und wird unterstützt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1530 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1533 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5014,17 +5104,17 @@ msgstr "" "enthalten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1541 msgid "Default: host/hostname@REALM" msgstr "Voreinstellung Rechner/MeinRechner@BEREICH" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1547 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1590 +#: sssd-ldap.5.xml:1550 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5035,17 +5125,17 @@ msgstr "" "»ldap_sasl_authid« ebenfalls den Realm enthält, wird diese Option ignoriert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1556 msgid "Default: the value of krb5_realm." msgstr "Voreinstellung: der Wert von »krb5_realm«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1562 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1565 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -5055,34 +5145,34 @@ msgstr "" "Bind in eine kanonische Form zu bringen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1570 msgid "Default: false;" msgstr "Voreinstellung: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1576 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1619 +#: sssd-ldap.5.xml:1579 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "gibt die Keytab an, wenn SASL/GSSAPI benutzt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1622 +#: sssd-ldap.5.xml:1582 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Voreinstellung: Keytab des Systems, normalerweise <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1628 +#: sssd-ldap.5.xml:1588 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1631 +#: sssd-ldap.5.xml:1591 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5093,28 +5183,28 @@ msgstr "" "ausgewählte Mechnaismus GSSAPI ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1643 +#: sssd-ldap.5.xml:1603 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1606 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" "gibt die Lebensdauer eines TGT in Sekunden an, falls GSSAPI benutzt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 sssd-ad.5.xml:383 +#: sssd-ldap.5.xml:1610 sssd-ad.5.xml:728 msgid "Default: 86400 (24 hours)" msgstr "Voreinstellung: 86400 (24 Stunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 +#: sssd-ldap.5.xml:1619 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5133,7 +5223,7 @@ msgstr "" "Weitere Informationen finden Sie im Abschnitt »DIENSTSUCHE«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1671 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1631 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5144,7 +5234,7 @@ msgstr "" "Protokoll angeben. Falls keine gefunden werden, weicht es auf _tcp aus." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1636 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5156,29 +5246,29 @@ msgstr "" "migrieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1645 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1688 +#: sssd-ldap.5.xml:1648 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "gibt den Kerberos-REALM an (für SASL/GSSAPI-Authentifizierung)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1651 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Voreinstellung: Systemvoreinstellungen, siehe <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1697 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1657 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1660 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -5188,12 +5278,12 @@ msgstr "" "Kerberos >= 1.7 verfügbar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1712 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1672 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1715 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1675 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5209,7 +5299,7 @@ msgstr "" "manvolnum> </citerefentry> einrichten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1726 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1686 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5220,12 +5310,12 @@ msgstr "" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1740 +#: sssd-ldap.5.xml:1700 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1703 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -5234,7 +5324,7 @@ msgstr "" "Passworts abgeschätzt werden soll. Die folgenden Werte sind erlaubt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1708 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -5243,7 +5333,7 @@ msgstr "" "kann keine Server-seitigen Passwortregelwerke deaktivieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1753 +#: sssd-ldap.5.xml:1713 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5254,7 +5344,7 @@ msgstr "" "manvolnum></citerefentry>, um abzuschätzen, ob das Passwort erloschen ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1759 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5266,7 +5356,7 @@ msgstr "" "Passwort geändert wurde." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1768 +#: sssd-ldap.5.xml:1728 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." @@ -5276,17 +5366,17 @@ msgstr "" "festgelegten Regel." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1736 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1739 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "gibt an, ob automatische Verweisverfolgung aktiviert werden soll." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1743 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -5295,7 +5385,7 @@ msgstr "" "mit OpenLDAP Version 2.4.13 oder höher kompiliert wurde." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1788 +#: sssd-ldap.5.xml:1748 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5309,28 +5399,28 @@ msgstr "" "merkliche Leistungsverbesserung bringen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1762 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 +#: sssd-ldap.5.xml:1765 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "gibt an, welcher Dienstname bei aktivierter Dienstsuche benutzt werden soll." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1809 +#: sssd-ldap.5.xml:1769 msgid "Default: ldap" msgstr "Voreinstellung: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1775 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1778 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -5339,17 +5429,17 @@ msgstr "" "soll, der Passwortänderungen bei aktivierter Dienstsuche ermöglicht." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1823 +#: sssd-ldap.5.xml:1783 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Voreinstellung: nicht gesetzt, d.h. Dienstsuche ist deaktiviert" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1789 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1792 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -5358,12 +5448,12 @@ msgstr "" "Passwortänderung mit Unix-Zeit geändert wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1804 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1847 +#: sssd-ldap.5.xml:1807 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5393,12 +5483,12 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1867 +#: sssd-ldap.5.xml:1827 msgid "Example:" msgstr "Beispiel:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1870 +#: sssd-ldap.5.xml:1830 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5410,7 +5500,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1874 +#: sssd-ldap.5.xml:1834 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." @@ -5419,7 +5509,7 @@ msgstr "" "beschränkt, deren employeeType-Attribut auf »admin« gesetzt ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1839 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5431,17 +5521,17 @@ msgstr "" "Falls ja, wird weiterhin offline Zugriff gegeben und umgekehrt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1887 sssd-ldap.5.xml:1944 +#: sssd-ldap.5.xml:1847 sssd-ldap.5.xml:1904 msgid "Default: Empty" msgstr "Voreinstellung: leer" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1853 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1856 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -5450,7 +5540,7 @@ msgstr "" "Zugriffssteuerungsattribute aktiviert werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:1860 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5461,12 +5551,12 @@ msgstr "" "einem geeigneten Fehlercode zurückweisen, wenn das Passwort korrekt ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1907 +#: sssd-ldap.5.xml:1867 msgid "The following values are allowed:" msgstr "Die folgenden Werte sind erlaubt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1910 +#: sssd-ldap.5.xml:1870 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -5475,7 +5565,7 @@ msgstr "" "»ldap_user_shadow_expire«, um zu bestimmen, ob das Konto abgelaufen ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1875 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5488,7 +5578,7 @@ msgstr "" "gewährt. Außerdem wird die Ablaufzeit des Kontos geprüft." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1922 +#: sssd-ldap.5.xml:1882 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5499,7 +5589,7 @@ msgstr "" "Zugriff erlaubt wird oder nicht." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1928 +#: sssd-ldap.5.xml:1888 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5512,7 +5602,7 @@ msgstr "" "Zugriff gewährt wird. Falls diese Attribute fehlen, wird Zugriff erteilt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1897 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5523,29 +5613,37 @@ msgstr "" "»ldap_account_expire_policy« funktioniert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1910 msgid "ldap_access_order (string)" msgstr "ldap_access_order (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1953 +#: sssd-ldap.5.xml:1913 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "durch Kommata getrennte Liste von Zugriffssteuerungsoptionen. Folgende Werte " "sind erlaubt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1917 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: verwendet »ldap_access_filter«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:1920 +msgid "" +"<emphasis>lockout</emphasis>: use account locking. If set, this option " +"denies access in case that ldap attribute 'pwdAccountLockedTime' is present " +"and has value of '000001010000Z'. Please see the option ldap_pwdlockout_dn." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1927 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: verwendet »ldap_account_expire_policy«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1931 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -5554,19 +5652,19 @@ msgstr "" "»authorizedService«, um zu bestimmen, ob Zugriff gewährt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1969 +#: sssd-ldap.5.xml:1936 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: verwendet das Attribut »host«, um zu bestimmen, " "ob Zugriff gewährt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:1940 msgid "Default: filter" msgstr "Voreinstellung: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1943 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -5575,12 +5673,38 @@ msgstr "" "mehr als einmal benutzt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1983 +#: sssd-ldap.5.xml:1950 +#, fuzzy +#| msgid "ldap_pwd_policy (string)" +msgid "ldap_pwdlockout_dn (string)" +msgstr "ldap_pwd_policy (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1953 +msgid "" +"This option specifies the DN of password policy entry on LDAP server. Please " +"note that absence of this option in sssd.conf in case of enabled account " +"lockout checking will yield access denied as ppolicy attributes on LDAP " +"server cannot be checked properly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1961 +msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1964 +msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1970 msgid "ldap_deref (string)" msgstr "ldap_deref (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:1973 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -5589,12 +5713,12 @@ msgstr "" "folgenden Optionen sind erlaubt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:1978 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis>: Alias werden nie dereferenziert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:1982 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -5604,7 +5728,7 @@ msgstr "" "Suche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:1987 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -5613,7 +5737,7 @@ msgstr "" "der Suche dereferenziert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2005 +#: sssd-ldap.5.xml:1992 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -5622,7 +5746,7 @@ msgstr "" "Orten des Basisobjekts der Suche dereferenziert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2010 +#: sssd-ldap.5.xml:1997 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -5631,12 +5755,12 @@ msgstr "" "<emphasis>never</emphasis> gehandhabt.)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2018 +#: sssd-ldap.5.xml:2005 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2008 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -5645,7 +5769,7 @@ msgstr "" "beizubehalten, die das Schema RFC2307 benutzen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2012 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -5663,7 +5787,7 @@ msgstr "" "getpw*() oder initgroups() abzurufen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2036 +#: sssd-ldap.5.xml:2023 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -5689,12 +5813,12 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2052 +#: sssd-ldap.5.xml:2039 msgid "SUDO OPTIONS" msgstr "SUDO-OPTIONEN" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2054 +#: sssd-ldap.5.xml:2041 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -5705,52 +5829,52 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2052 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2055 msgid "The object class of a sudo rule entry in LDAP." msgstr "die Objektklasse eines Sudo-Regeleintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2071 +#: sssd-ldap.5.xml:2058 msgid "Default: sudoRole" msgstr "Voreinstellung: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2064 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2067 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "das LDAP-Attribut, das dem Namen der Sudo-Regel entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2090 +#: sssd-ldap.5.xml:2077 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2080 msgid "The LDAP attribute that corresponds to the command name." msgstr "das LDAP-Attribut, das dem Namen des Befehls entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2097 +#: sssd-ldap.5.xml:2084 msgid "Default: sudoCommand" msgstr "Voreinstellung: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2103 +#: sssd-ldap.5.xml:2090 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2093 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -5759,17 +5883,17 @@ msgstr "" "Netzwerk oder des Netzwerkgruppe des Rechners) entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2111 +#: sssd-ldap.5.xml:2098 msgid "Default: sudoHost" msgstr "Voreinstellung: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2117 +#: sssd-ldap.5.xml:2104 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2120 +#: sssd-ldap.5.xml:2107 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -5778,32 +5902,32 @@ msgstr "" "oder der Netzwerkgruppe des Benutzers) entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2111 msgid "Default: sudoUser" msgstr "Voreinstellung: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2130 +#: sssd-ldap.5.xml:2117 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2133 +#: sssd-ldap.5.xml:2120 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "das LDAP-Attribut, das den Sudo-Optionen entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2137 +#: sssd-ldap.5.xml:2124 msgid "Default: sudoOption" msgstr "Voreinstellung: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2143 +#: sssd-ldap.5.xml:2130 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2146 +#: sssd-ldap.5.xml:2133 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." @@ -5812,17 +5936,17 @@ msgstr "" "ausgeführt werden können" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2150 +#: sssd-ldap.5.xml:2137 msgid "Default: sudoRunAsUser" msgstr "Voreinstellung: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2143 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2146 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -5831,17 +5955,17 @@ msgstr "" "worunter Befehle ausgeführt werden können" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2150 msgid "Default: sudoRunAsGroup" msgstr "Voreinstellung: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2156 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2159 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." @@ -5850,17 +5974,17 @@ msgstr "" "Sudo-Regel gültig wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2176 +#: sssd-ldap.5.xml:2163 msgid "Default: sudoNotBefore" msgstr "Voreinstellung: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2182 +#: sssd-ldap.5.xml:2169 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2172 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." @@ -5869,32 +5993,32 @@ msgstr "" "der die Sudo-Regel nicht länger gültig ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2177 msgid "Default: sudoNotAfter" msgstr "Voreinstellung: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2183 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2199 +#: sssd-ldap.5.xml:2186 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "das LDAP-Attribut, das dem Reihenfolgenindex der Regel entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2203 +#: sssd-ldap.5.xml:2190 msgid "Default: sudoOrder" msgstr "Voreinstellung: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:2196 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2199 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -5904,7 +6028,7 @@ msgstr "" "heruntergeladen werden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2204 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -5913,17 +6037,17 @@ msgstr "" "emphasis> sein." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2209 msgid "Default: 21600 (6 hours)" msgstr "Voreinstellung: 21600 (6 Stunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2215 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2218 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -5934,7 +6058,7 @@ msgstr "" "höchste USN der zwischengespeicherten Regeln haben, heruntergeladen werden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2237 +#: sssd-ldap.5.xml:2224 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -5943,12 +6067,12 @@ msgstr "" "das Attribut »modifyTimestamp« benutzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2234 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2237 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -5958,12 +6082,12 @@ msgstr "" "Netzwerkadressen und Rechnernamen)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2248 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2264 +#: sssd-ldap.5.xml:2251 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -5972,7 +6096,7 @@ msgstr "" "Domain-Namen, die zum Filtern der Regeln benutzt werden sollen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2256 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -5981,8 +6105,8 @@ msgstr "" "voll qualifizierten Domain-Namen automatisch herauszufinden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2315 -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2261 sssd-ldap.5.xml:2284 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2320 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -5991,17 +6115,17 @@ msgstr "" "emphasis> ist, hat diese Option keine Auswirkungen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2279 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2266 sssd-ldap.5.xml:2289 msgid "Default: not specified" msgstr "Voreinstellung: nicht angegeben" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2272 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2288 +#: sssd-ldap.5.xml:2275 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -6010,7 +6134,7 @@ msgstr "" "Netzwerkadressen, die zum Filtern der Regeln benutzt werden sollen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2293 +#: sssd-ldap.5.xml:2280 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -6019,12 +6143,12 @@ msgstr "" "herauszufinden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2295 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2311 +#: sssd-ldap.5.xml:2298 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -6033,12 +6157,12 @@ msgstr "" "eine Netzgruppe im Attribut »sudoHost« enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2326 +#: sssd-ldap.5.xml:2313 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2316 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -6047,7 +6171,7 @@ msgstr "" "einen Platzhalter im Attribut »sudoHost« enthält." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2345 +#: sssd-ldap.5.xml:2332 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6060,12 +6184,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2342 msgid "AUTOFS OPTIONS" msgstr "AUTOFS-OPTIONEN" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2344 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." @@ -6074,62 +6198,62 @@ msgstr "" "entsprechen. " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2350 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2366 +#: sssd-ldap.5.xml:2353 msgid "The name of the automount master map in LDAP." msgstr "Der Name der Automount-Master-Abbildung in LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2369 +#: sssd-ldap.5.xml:2356 msgid "Default: auto.master" msgstr "Voreinstellung: auto.master" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2376 +#: sssd-ldap.5.xml:2363 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2379 sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2392 msgid "The object class of an automount map entry in LDAP." msgstr "die Objektklasse eines Automount-Abbildungseintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2369 sssd-ldap.5.xml:2396 msgid "Default: automountMap" msgstr "Voreinstellung: automountMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2376 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2379 msgid "The name of an automount map entry in LDAP." msgstr "der Name eines Automount-Abbildungseintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2382 msgid "Default: ou" msgstr "Voreinstellung: ou" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2402 +#: sssd-ldap.5.xml:2389 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2416 +#: sssd-ldap.5.xml:2403 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2419 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:2406 sssd-ldap.5.xml:2420 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -6138,17 +6262,17 @@ msgstr "" "Eintrag einem Einhängepunkt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2430 +#: sssd-ldap.5.xml:2417 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2437 +#: sssd-ldap.5.xml:2424 msgid "Default: automountInformation" msgstr "Voreinstellung: automountInformation" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2348 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6161,37 +6285,37 @@ msgstr "" "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2434 msgid "ADVANCED OPTIONS" msgstr "ERWEITERTE OPTIONEN" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2441 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2459 +#: sssd-ldap.5.xml:2446 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2451 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2469 +#: sssd-ldap.5.xml:2456 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2461 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2449 +#: sssd-ldap.5.xml:2436 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6202,7 +6326,7 @@ msgstr "" "falls Sie wissen, was Sie tun. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2491 +#: sssd-ldap.5.xml:2478 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6213,7 +6337,7 @@ msgstr "" "gesetzt ist." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2484 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -6233,20 +6357,20 @@ msgstr "" " cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2496 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 -#: sssd-ad.5.xml:455 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2483 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 +#: sssd-ad.5.xml:800 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2509 sssd_krb5_locator_plugin.8.xml:61 -#: sssd-simple.5.xml:148 sssd-ad.5.xml:470 sssd.8.xml:191 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2496 sssd_krb5_locator_plugin.8.xml:61 +#: sssd-simple.5.xml:148 sssd-ad.5.xml:815 sssd.8.xml:195 sss_seed.8.xml:163 msgid "NOTES" msgstr "ANMERKUNGEN" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2498 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -6896,7 +7020,7 @@ msgstr "" "zu identifizieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:320 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:665 msgid "dyndns_update (boolean)" msgstr "dyndns_update (Boolesch)" @@ -6916,7 +7040,7 @@ msgstr "" "»dyndns_iface« keine andere angegeben wurde." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:334 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:679 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -6938,12 +7062,12 @@ msgstr "" "Konfigurationsdatei migrieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:345 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:690 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:348 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:693 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -6972,12 +7096,12 @@ msgid "Default: 1200 (seconds)" msgstr "Voreinstellung: 1200 (Sekunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:359 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:704 msgid "dyndns_iface (string)" msgstr "dyndns_iface (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:362 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:707 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -7034,12 +7158,12 @@ msgstr "" "gefundenen als Sicherungsserver." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:373 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:718 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:376 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:721 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -7050,12 +7174,12 @@ msgstr "" "Diese Option ist optional und nur anwendbar, wenn »dyndns_update« »true« ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:389 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:734 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:392 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:737 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -7080,12 +7204,12 @@ msgid "Default: False (disabled)" msgstr "Voreinstellung: False (deaktiviert)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:403 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:748 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:406 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:751 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -7094,7 +7218,7 @@ msgstr "" "DNS-Server verwenden soll" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:410 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:755 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Voreinstellung: False (lässt Nsupdate das Protokoll auswählen)" @@ -7201,7 +7325,7 @@ msgstr "" "prüft mit Hilfe von »krb5_keytab«, ob das erhaltene TGT keine Täuschung ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:359 sssd-ad.5.xml:776 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -7313,7 +7437,7 @@ msgstr "" "Zugriffssteuerungsanfragen in einer kurzen Zeitspanne ankommen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 sssd-ad.5.xml:330 msgid "Default: 5 (seconds)" msgstr "Voreinstellung: 5 (Sekunden)" @@ -7930,8 +8054,492 @@ msgstr "" msgid "Default: permissive" msgstr "Voreinstellung: permissive" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:320 +#, fuzzy +#| msgid "ldap_purge_cache_timeout (integer)" +msgid "ad_gpo_cache_timeout (integer)" +msgstr "ldap_purge_cache_timeout (Ganzzahl)" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:323 +#, fuzzy +#| msgid "" +#| "The amount of time between lookups of the HBAC rules against the IPA " +#| "server. This will reduce the latency and load on the IPA server if there " +#| "are many access-control requests made in a short period." +msgid "" +"The amount of time between lookups of GPO policy files against the AD " +"server. This will reduce the latency and load on the AD server if there are " +"many access-control requests made in a short period." +msgstr "" +"die Zeit zwischen dem Abrufen der HBAC-Regeln beim IPA-Server. Dies wird die " +"Wartezeit und Belastung des IPA-Servers verringern, falls dort viele " +"Zugriffssteuerungsanfragen in einer kurzen Zeitspanne ankommen." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:336 +#, fuzzy +#| msgid "ad_domain (string)" +msgid "ad_gpo_map_interactive (string)" +msgstr "ad_domain (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:339 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the InteractiveLogonRight and " +"DenyInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:354 +#, no-wrap +msgid "" +" ad_gpo_map_interactive = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:345 +#, fuzzy +#| msgid "" +#| "It is possible to add another attribute to this set by using <quote>" +#| "+attr_name</quote> or explicitly remove an attribute using <quote>-" +#| "attr_name</quote>. For example, to allow <quote>telephoneNumber</quote> " +#| "but deny <quote>loginShell</quote>, you would use the following " +#| "configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>login</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" +"Es ist möglich, ein weiteres Attribut zu diesem Satz hinzuzufügen, indem Sie " +"<quote>+attr_name</quote> verwenden. Explizit entfernen lässt sich ein " +"Attribut mit <quote>-attr_name</quote>. Um beispielsweise " +"<quote>telephoneNumber</quote> zu erlauben, aber <quote>loginShell</quote> " +"abzuweisen, können Sie folgende Konfiguration verwenden: <placeholder type=" +"\"programlisting\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:358 sssd-ad.5.xml:423 sssd-ad.5.xml:458 sssd-ad.5.xml:498 +#: sssd-ad.5.xml:559 +#, fuzzy +#| msgid "" +#| "Default: not set. Only the default set of POSIX attributes is allowed." +msgid "Default: the default set of PAM service names includes:" +msgstr "" +"Voreinstellung: Nicht gesetzt. Nur der Standardsatz an POSIX-Attributen ist " +"erlaubt." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:362 +#, fuzzy +#| msgid "login UID" +msgid "login" +msgstr "Anmelde-UID" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:367 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:372 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:377 +msgid "gdm-fingerprint" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:382 +#, fuzzy +#| msgid "password" +msgid "gdm-password" +msgstr "password" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:387 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:392 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:401 +#, fuzzy +#| msgid "ldap_user_shadow_inactive (string)" +msgid "ad_gpo_map_remote_interactive (string)" +msgstr "ldap_user_shadow_inactive (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:404 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the RemoteInteractiveLogonRight and " +"DenyRemoteInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:419 +#, no-wrap +msgid "" +" ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:410 +#, fuzzy +#| msgid "" +#| "It is possible to add another attribute to this set by using <quote>" +#| "+attr_name</quote> or explicitly remove an attribute using <quote>-" +#| "attr_name</quote>. For example, to allow <quote>telephoneNumber</quote> " +#| "but deny <quote>loginShell</quote>, you would use the following " +#| "configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>sshd</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" +"Es ist möglich, ein weiteres Attribut zu diesem Satz hinzuzufügen, indem Sie " +"<quote>+attr_name</quote> verwenden. Explizit entfernen lässt sich ein " +"Attribut mit <quote>-attr_name</quote>. Um beispielsweise " +"<quote>telephoneNumber</quote> zu erlauben, aber <quote>loginShell</quote> " +"abzuweisen, können Sie folgende Konfiguration verwenden: <placeholder type=" +"\"programlisting\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:427 +msgid "sshd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:436 +#, fuzzy +#| msgid "ad_gpo_access_control (string)" +msgid "ad_gpo_map_network (string)" +msgstr "ad_gpo_access_control (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:439 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the NetworkLogonRight and " +"DenyNetworkLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:454 +#, no-wrap +msgid "" +" ad_gpo_map_network = +my_pam_service, -ftp\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +#, fuzzy +#| msgid "" +#| "It is possible to add another attribute to this set by using <quote>" +#| "+attr_name</quote> or explicitly remove an attribute using <quote>-" +#| "attr_name</quote>. For example, to allow <quote>telephoneNumber</quote> " +#| "but deny <quote>loginShell</quote>, you would use the following " +#| "configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>ftp</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" +"Es ist möglich, ein weiteres Attribut zu diesem Satz hinzuzufügen, indem Sie " +"<quote>+attr_name</quote> verwenden. Explizit entfernen lässt sich ein " +"Attribut mit <quote>-attr_name</quote>. Um beispielsweise " +"<quote>telephoneNumber</quote> zu erlauben, aber <quote>loginShell</quote> " +"abzuweisen, können Sie folgende Konfiguration verwenden: <placeholder type=" +"\"programlisting\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:462 +msgid "ftp" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:467 +msgid "samba" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:476 +#, fuzzy +#| msgid "ad_domain (string)" +msgid "ad_gpo_map_batch (string)" +msgstr "ad_domain (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:479 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " +"policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:494 +#, no-wrap +msgid "" +" ad_gpo_map_batch = +my_pam_service, -crond\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:485 +#, fuzzy +#| msgid "" +#| "It is possible to add another attribute to this set by using <quote>" +#| "+attr_name</quote> or explicitly remove an attribute using <quote>-" +#| "attr_name</quote>. For example, to allow <quote>telephoneNumber</quote> " +#| "but deny <quote>loginShell</quote>, you would use the following " +#| "configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>crond</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" +"Es ist möglich, ein weiteres Attribut zu diesem Satz hinzuzufügen, indem Sie " +"<quote>+attr_name</quote> verwenden. Explizit entfernen lässt sich ein " +"Attribut mit <quote>-attr_name</quote>. Um beispielsweise " +"<quote>telephoneNumber</quote> zu erlauben, aber <quote>loginShell</quote> " +"abzuweisen, können Sie folgende Konfiguration verwenden: <placeholder type=" +"\"programlisting\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:502 +msgid "crond" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:511 +#, fuzzy +#| msgid "ldap_service_name (string)" +msgid "ad_gpo_map_service (string)" +msgstr "ldap_service_name (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:514 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the ServiceLogonRight and " +"DenyServiceLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:528 +#, no-wrap +msgid "" +" ad_gpo_map_service = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:520 sssd-ad.5.xml:585 +#, fuzzy +#| msgid "" +#| "It is possible to add another attribute to this set by using <quote>" +#| "+attr_name</quote> or explicitly remove an attribute using <quote>-" +#| "attr_name</quote>. For example, to allow <quote>telephoneNumber</quote> " +#| "but deny <quote>loginShell</quote>, you would use the following " +#| "configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgid "" +"It is possible to add a PAM service name to the default set by using <quote>" +"+service_name</quote>. Since the default set is empty, it is not possible " +"to remove a PAM service name from the default set. For example, in order to " +"add a custom pam service name (e.g. <quote>my_pam_service</quote>), you " +"would use the following configuration: <placeholder type=\"programlisting\" " +"id=\"0\"/>" +msgstr "" +"Es ist möglich, ein weiteres Attribut zu diesem Satz hinzuzufügen, indem Sie " +"<quote>+attr_name</quote> verwenden. Explizit entfernen lässt sich ein " +"Attribut mit <quote>-attr_name</quote>. Um beispielsweise " +"<quote>telephoneNumber</quote> zu erlauben, aber <quote>loginShell</quote> " +"abzuweisen, können Sie folgende Konfiguration verwenden: <placeholder type=" +"\"programlisting\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:538 +#, fuzzy +#| msgid "ad_domain (string)" +msgid "ad_gpo_map_permit (string)" +msgstr "ad_domain (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:541 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always granted, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:555 +#, no-wrap +msgid "" +" ad_gpo_map_permit = +my_pam_service, -sudo\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:546 +#, fuzzy +#| msgid "" +#| "It is possible to add another attribute to this set by using <quote>" +#| "+attr_name</quote> or explicitly remove an attribute using <quote>-" +#| "attr_name</quote>. For example, to allow <quote>telephoneNumber</quote> " +#| "but deny <quote>loginShell</quote>, you would use the following " +#| "configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for unconditionally permitted " +"access (e.g. <quote>sudo</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" +"Es ist möglich, ein weiteres Attribut zu diesem Satz hinzuzufügen, indem Sie " +"<quote>+attr_name</quote> verwenden. Explizit entfernen lässt sich ein " +"Attribut mit <quote>-attr_name</quote>. Um beispielsweise " +"<quote>telephoneNumber</quote> zu erlauben, aber <quote>loginShell</quote> " +"abzuweisen, können Sie folgende Konfiguration verwenden: <placeholder type=" +"\"programlisting\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:563 +#, fuzzy +#| msgid "sssd-sudo" +msgid "sudo" +msgstr "sssd-sudo" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:568 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:577 +#, fuzzy +#| msgid "ad_domain (string)" +msgid "ad_gpo_map_deny (string)" +msgstr "ad_domain (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:580 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always denied, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:593 +#, no-wrap +msgid "" +" ad_gpo_map_deny = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:603 +#, fuzzy +#| msgid "ldap_default_authtok (string)" +msgid "ad_gpo_default_right (string)" +msgstr "ldap_default_authtok (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:606 +msgid "" +"This option defines how access control is evaluated for PAM service names " +"that are not explicitly listed in one of the ad_gpo_map_* options. This " +"option can be set in two different manners. First, this option can be set to " +"use a default logon right. For example, if this option is set to " +"'interactive', it means that unmapped PAM service names will be processed " +"based on the InteractiveLogonRight and DenyInteractiveLogonRight policy " +"settings. Alternatively, this option can be set to either always permit or " +"always deny access for unmapped PAM service names." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:619 +#, fuzzy +#| msgid "There are three supported values for this option:" +msgid "Supported values for this option include:" +msgstr "Für diese Option werden drei Werte unterstützt:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:623 +msgid "interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:628 +msgid "remote_interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:633 +msgid "network" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:638 +msgid "batch" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:643 +#, fuzzy +#| msgid "services" +msgid "service" +msgstr "Dienste" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:648 +msgid "permit" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:653 +msgid "deny" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:659 +#, fuzzy +#| msgid "Default: cn" +msgid "Default: deny" +msgstr "Voreinstellung: cn" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:668 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -7949,22 +8557,22 @@ msgstr "" "»dyndns_iface« angegeben wurde." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:353 +#: sssd-ad.5.xml:698 msgid "Default: 3600 (seconds)" msgstr "Voreinstellung: 3600 (Sekunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:712 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "Voreinstellung: verwendet die IP-Adresse der AD-LDAP-Verbindung" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:419 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:764 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "krb5_use_enterprise_principal (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:422 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:767 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." @@ -7974,7 +8582,7 @@ msgstr "" "Abschnitt 5 von RFC 6806." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:449 +#: sssd-ad.5.xml:794 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -7986,7 +8594,7 @@ msgstr "" "Optionen von AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:456 +#: sssd-ad.5.xml:801 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -8010,7 +8618,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:476 +#: sssd-ad.5.xml:821 #, no-wrap msgid "" "access_provider = ldap\n" @@ -8022,7 +8630,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:817 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -8033,10 +8641,18 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:482 +#: sssd-ad.5.xml:827 +#, fuzzy +#| msgid "" +#| "However, unless the <quote>ad</quote> access control provider is " +#| "explicitly configured, the default access provider is <quote>permit</" +#| "quote>." msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " -"configured, the default access provider is <quote>permit</quote>." +"configured, the default access provider is <quote>permit</quote>. Please " +"note that if you configure an access provider other than <quote>ad</quote>, " +"you need to set all the connection parameters (such as LDAP URIs and " +"encryption details) manually." msgstr "" "Außer wenn der Zugriffssteuerungsanbieter »ad« jedoch explizit konfiguriert " "wurde, ist der voreingestellte Zugriffsanbieter »permit«." @@ -8527,28 +9143,33 @@ msgstr "SIGUSR1" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." +"Tells the SSSD to simulate offline operation for the duration of the " +"<quote>offline_timeout</quote> parameter. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" -"teilt SSSD mit, dass es eine Minute lang simuliert offline zu sein. Dies ist " -"meist zu Testzwecken nützlich." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 +#: sssd.8.xml:182 msgid "SIGUSR2" msgstr "SIGUSR2" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 +#: sssd.8.xml:185 +#, fuzzy +#| msgid "" +#| "Tells the SSSD to go online immediately. This is mostly useful for " +#| "testing purposes." msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." +"Tells the SSSD to go online immediately. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" "teilt SSSD mit, dass es sofort online gehen soll. Dies ist meist zu " "Testzwecken nützlich." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 +#: sssd.8.xml:197 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -9997,6 +10618,46 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:162 +#, fuzzy +#| msgid "" +#| "<option>-u</option>,<option>--user</option> <replaceable>login</" +#| "replaceable>" +msgid "" +"<option>-h</option>,<option>--ssh-host</option> <replaceable>hostname</" +"replaceable>" +msgstr "" +"<option>-u</option>,<option>--user</option> <replaceable>Anmeldung</" +"replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:167 +#, fuzzy +#| msgid "Invalidate specific user." +msgid "Invalidate SSH public keys of a specific host." +msgstr "annulliert einen bestimmten Benutzer." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:173 +#, fuzzy +#| msgid "<option>-s</option>,<option>--stdin</option>" +msgid "<option>-H</option>,<option>--ssh-hosts</option>" +msgstr "<option>-s</option>,<option>--stdin</option>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:177 +#, fuzzy +#| msgid "" +#| "Invalidate all autofs maps. This option overrides invalidation of " +#| "specific map if it was also set." +msgid "" +"Invalidate SSH public keys of all hosts. This option overrides invalidation " +"of SSH public keys of specific host if it was also set." +msgstr "" +"annulliert alle Autofs-Abbildungen. Diese Option setzt das Annullieren " +"bestimmter Abbildungen außer Kraft, falls es ebenfalls gesetzt war." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:185 msgid "" "<option>-d</option>,<option>--domain</option> <replaceable>domain</" "replaceable>" @@ -10005,7 +10666,7 @@ msgstr "" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_cache.8.xml:167 +#: sss_cache.8.xml:190 msgid "Restrict invalidation process only to a particular domain." msgstr "begrenzt den Annullierungsprozess auf eine bestimmte Domain." @@ -10381,6 +11042,182 @@ msgstr "" "Voreinstellung: Nicht gesetzt. Nur der Standardsatz an POSIX-Attributen ist " "erlaubt." +#. type: Content of: <reference><refentry><refentryinfo> +#: sss_rpcidmapd.5.xml:8 +msgid "" +"<productname>sss rpc.idmapd plugin</productname> <author> <firstname>Noam</" +"firstname> <surname>Meltzer</surname> <affiliation> <orgname>Primary Data " +"Inc.</orgname> </affiliation> <contrib>Developer (2013-2014)</contrib> </" +"author> <author> <firstname>Noam</firstname> <surname>Meltzer</surname> " +"<contrib>Developer (2014-)</contrib> <email>tsnoam@gmail.com</email> </" +"author>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_rpcidmapd.5.xml:26 sss_rpcidmapd.5.xml:32 +#, fuzzy +#| msgid "sss_groupmod" +msgid "sss_rpcidmapd" +msgstr "sss_groupmod" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_rpcidmapd.5.xml:33 +msgid "sss plugin configuration directives for rpc.idmapd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:37 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "CONFIGURATION FILE" +msgstr "KONFIGURATIONSOPTIONEN" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:39 +#, fuzzy +#| msgid "" +#| "Specifies acceptable cipher suites. Typically this is a colon sperated " +#| "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " +#| "<manvolnum>5</manvolnum></citerefentry> for format." +msgid "" +"rpc.idmapd configuration file is usually found at <emphasis>/etc/idmapd." +"conf</emphasis>. See <citerefentry> <refentrytitle>idmapd.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more information." +msgstr "" +"gibt zulässige Chiffrierprogrammsammlungen an. Normalerweise ist dies eine " +"durch Kommata getrennte Liste. Siehe bezüglich des Formats " +"<citerefentry><refentrytitle>ldap.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry>." + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:49 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "SSS CONFIGURATION EXTENSION" +msgstr "KONFIGURATIONSOPTIONEN" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:51 +msgid "Enable SSS plugin" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:53 +msgid "" +"In section <quote>[Translation]</quote>, modify/set <quote>Method</quote> " +"attribute to contain <emphasis>sss</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:59 +#, fuzzy +#| msgid "The [sssd] section" +msgid "[sss] config section" +msgstr "Der Abschnitt [sssd]" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:61 +msgid "" +"In order to change the default of one of the configuration attributes of the " +"<emphasis>sss</emphasis> plugin listed below you will need to create a " +"config section for it, named <quote>[sss]</quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> +#: sss_rpcidmapd.5.xml:67 +#, fuzzy +#| msgid "Configuration" +msgid "Configuration attributes" +msgstr "Konfiguration" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sss_rpcidmapd.5.xml:69 +#, fuzzy +#| msgid "enumerate (bool)" +msgid "memcache (bool)" +msgstr "enumerate (Boolesch)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sss_rpcidmapd.5.xml:72 +msgid "Indicates whether or not to use memcache optimisation technique." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:85 +msgid "SSSD INTEGRATION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:87 +msgid "" +"The sss plugin requires the <emphasis>NSS Responder</emphasis> to be enabled " +"in sssd." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:91 +msgid "" +"The attribute <quote>use_fully_qualified_names</quote> must be enabled on " +"all domains (NFSv4 clients expect a fully qualified name to be sent on the " +"wire)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_rpcidmapd.5.xml:103 +#, no-wrap +msgid "" +"[General]\n" +"Verbosity = 2\n" +"# domain must be synced between NFSv4 server and clients\n" +"# Solaris/Illumos/AIX use \"localdomain\" as default!\n" +"Domain = default\n" +"\n" +"[Mapping]\n" +"Nobody-User = nfsnobody\n" +"Nobody-Group = nfsnobody\n" +"\n" +"[Translation]\n" +"Method = sss\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:100 +#, fuzzy +#| msgid "" +#| "The following expansions are supported: <placeholder type=\"variablelist" +#| "\" id=\"0\"/>" +msgid "" +"The following example shows a minimal idmapd.conf which makes use of the sss " +"plugin. <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" +"Die folgenden Erweiterungen werden unterstützt: <placeholder type=" +"\"variablelist\" id=\"0\"/>" + +#. type: Content of: <refsect1><title> +#: sss_rpcidmapd.5.xml:120 include/seealso.xml:2 +msgid "SEE ALSO" +msgstr "SIEHE AUCH" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:122 +#, fuzzy +#| msgid "" +#| "This manual page describes how to configure <citerefentry> " +#| "<refentrytitle>sudo</refentrytitle> <manvolnum>8</manvolnum> </" +#| "citerefentry> to work with <citerefentry> <refentrytitle>sssd</" +#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> and how SSSD " +#| "caches sudo rules." +msgid "" +"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>idmapd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>" +msgstr "" +"Diese Handbuchseite beschreibt, wie <citerefentry> <refentrytitle>sudo</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> konfiguriert wird, " +"damit es zusammen mit <citerefentry> <refentrytitle>sssd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> funktioniert und wie SSSD Sudo-" +"Regeln zwischenspeichert." + #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 msgid "sss_ssh_authorizedkeys" @@ -11480,13 +12317,49 @@ msgstr "" "<command>sss_user*</command>- und <command>sss_group*</command>-Werkzeuge " "benutzen einen lokalen LDB-Speicher, um Benutzer und Gruppen abzulegen." -#. type: Content of: <refsect1><title> -#: include/seealso.xml:2 -msgid "SEE ALSO" -msgstr "SIEHE AUCH" - #. type: Content of: <refsect1><para> #: include/seealso.xml:4 +#, fuzzy +#| msgid "" +#| "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</" +#| "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" +#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" +#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sssd-simple</refentrytitle><manvolnum>5</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sssd-ipa</" +#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sssd-ad</refentrytitle><manvolnum>5</manvolnum> </" +#| "citerefentry>, <phrase condition=\"with_sudo\"> <citerefentry> " +#| "<refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry>, </phrase> <citerefentry> <refentrytitle>sss_cache</" +#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sss_debuglevel</refentrytitle><manvolnum>8</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" +#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" +#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" +#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" +#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sss_obfuscate</refentrytitle><manvolnum>8</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sss_seed</" +#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sssd_krb5_locator_plugin</refentrytitle><manvolnum>8</" +#| "manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> " +#| "<citerefentry> <refentrytitle>sss_ssh_authorizedkeys</refentrytitle> " +#| "<manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</" +#| "manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> " +#| "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" +#| "manvolnum> </citerefentry>, </phrase> <citerefentry> " +#| "<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" +#| "citerefentry>." msgid "" "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" @@ -11525,7 +12398,9 @@ msgid "" "manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> " "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>. <citerefentry> " +"<refentrytitle>sss_rpcidmapd</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>" msgstr "" "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" @@ -11738,3 +12613,51 @@ msgstr "" #: include/homedir_substring.xml:15 msgid "Default: /home" msgstr "Voreinstellung: /home" + +#~ msgid "" +#~ "If SSSD is in offline mode, and last attempt to go online was less than " +#~ "number of seconds specified in this option ago, new requests for data " +#~ "will not result in attempt to go online." +#~ msgstr "" +#~ "Falls sich SSSD im Offline-Modus befindet und der letzte Versuch, online " +#~ "zu gehen, lag mehr als die Anzahl der in dieser Option angegebenen " +#~ "Sekunden zurück, werden neue Datenanfragen nicht zu erneuten Versuchen, " +#~ "online zu gehen." + +#~ msgid "ldap_user_uuid (string)" +#~ msgstr "ldap_user_uuid (Zeichenkette)" + +#~ msgid "" +#~ "The LDAP attribute that contains the UUID/GUID of an LDAP user object." +#~ msgstr "" +#~ "das LDAP-Attribut, das die UUID/GUID eines LDAP-Benutzerobjekts enthält" + +#~ msgid "Default: nsUniqueId" +#~ msgstr "Voreinstellung: nsUniqueId" + +#~ msgid "ldap_group_uuid (string)" +#~ msgstr "ldap_group_uuid (Zeichenkette)" + +#~ msgid "" +#~ "The LDAP attribute that contains the UUID/GUID of an LDAP group object." +#~ msgstr "" +#~ "das LDAP-Attribut, das die UUID/GUID eines LDAP-Gruppenobjekts enthält" + +#~ msgid "ldap_netgroup_uuid (string)" +#~ msgstr "ldap_netgroup_uuid (Zeichenkette)" + +#~ msgid "" +#~ "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." +#~ msgstr "" +#~ "das LDAP-Attribut, das die UUID/GUID eines LDAP-Netzgruppenobjekts enthält" + +#~ msgid "In IPA provider, ipa_netgroup_uuid should be used instead." +#~ msgstr "" +#~ "Beim IPA-Anbieter sollte stattdessen »ipa_netgroup_member« benutzt werden." + +#~ msgid "" +#~ "Tells the SSSD to simulate offline operation for one minute. This is " +#~ "mostly useful for testing purposes." +#~ msgstr "" +#~ "teilt SSSD mit, dass es eine Minute lang simuliert offline zu sein. Dies " +#~ "ist meist zu Testzwecken nützlich." diff --git a/src/man/po/es.po b/src/man/po/es.po index 2314c8c17..d918b42ba 100644 --- a/src/man/po/es.po +++ b/src/man/po/es.po @@ -15,7 +15,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2014-07-09 19:18+0300\n" +"POT-Creation-Date: 2014-09-08 20:55+0300\n" "PO-Revision-Date: 2014-06-04 18:04+0000\n" "Last-Translator: jhrozek <jhrozek@redhat.com>\n" "Language-Team: Spanish (http://www.transifex.com/projects/p/sssd/language/" @@ -33,8 +33,8 @@ msgstr "" #: sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 #: sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 #: sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5 -#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_ssh_authorizedkeys.1.xml:5 -#: sss_ssh_knownhostsproxy.1.xml:5 +#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_rpcidmapd.5.xml:5 +#: sss_ssh_authorizedkeys.1.xml:5 sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" msgstr "Páginas de manual de SSSD" @@ -144,14 +144,14 @@ msgstr "sssd.conf" #. type: Content of: <reference><refentry><refmeta><manvolnum> #: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 #: sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11 -#: sssd-ifp.5.xml:11 +#: sssd-ifp.5.xml:11 sss_rpcidmapd.5.xml:27 msgid "5" msgstr "5" #. type: Content of: <reference><refentry><refmeta><refmiscinfo> #: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 #: sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12 -#: sssd-ifp.5.xml:12 +#: sssd-ifp.5.xml:12 sss_rpcidmapd.5.xml:28 msgid "File Formats and Conventions" msgstr "Formatos de archivo y convenciones" @@ -262,11 +262,11 @@ msgid "Add a timestamp to the debug messages" msgstr "Agregar una marca de tiempo a los mensajes de depuración" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:79 sssd.conf.5.xml:511 sssd.conf.5.xml:873 -#: sssd-ldap.5.xml:1637 sssd-ldap.5.xml:1734 sssd-ldap.5.xml:1796 -#: sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2320 sssd-ldap.5.xml:2338 +#: sssd.conf.5.xml:79 sssd.conf.5.xml:554 sssd.conf.5.xml:916 +#: sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1756 +#: sssd-ldap.5.xml:2242 sssd-ldap.5.xml:2307 sssd-ldap.5.xml:2325 #: sssd-ipa.5.xml:356 sssd-ipa.5.xml:391 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:339 sssd-ad.5.xml:428 sssd-krb5.5.xml:490 +#: sssd-ad.5.xml:684 sssd-ad.5.xml:773 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "Predeterminado: true" @@ -281,16 +281,16 @@ msgid "Add microseconds to the timestamp in debug messages" msgstr "Agregar microsegundos a la marca de tiempo en mensajes de depuración" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:90 sssd.conf.5.xml:827 sssd.conf.5.xml:1845 -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:1511 sssd-ldap.5.xml:1530 -#: sssd-ldap.5.xml:1706 sssd-ldap.5.xml:2042 sssd-ipa.5.xml:139 +#: sssd.conf.5.xml:90 sssd.conf.5.xml:870 sssd.conf.5.xml:1933 +#: sssd-ldap.5.xml:678 sssd-ldap.5.xml:1471 sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1666 sssd-ldap.5.xml:2029 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:503 sssd-krb5.5.xml:257 #: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" msgstr "Predeterminado: false" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2063 +#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2050 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -314,7 +314,7 @@ msgstr "" "para asegurar que el proceso está vivo y capaz de responder peticiones." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1382 +#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1342 msgid "Default: 10" msgstr "Predeterminado: 10" @@ -329,7 +329,7 @@ msgid "The [sssd] section" msgstr "La sección [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:2017 msgid "Section parameters" msgstr "Parámetros de sección" @@ -370,12 +370,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:161 sssd.conf.5.xml:345 +#: sssd.conf.5.xml:161 sssd.conf.5.xml:370 msgid "reconnection_retries (integer)" msgstr "reconnection_retries (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:164 sssd.conf.5.xml:348 +#: sssd.conf.5.xml:164 sssd.conf.5.xml:373 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" @@ -384,7 +384,7 @@ msgstr "" "de datos del proveedor, o de reiniciarse antes de abandonar" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:353 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:378 msgid "Default: 3" msgstr "Predeterminado: 3" @@ -404,7 +404,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 sssd.conf.5.xml:1658 +#: sssd.conf.5.xml:189 sssd.conf.5.xml:1719 msgid "re_expression (string)" msgstr "re_expression (cadena)" @@ -429,12 +429,12 @@ msgstr "" "DOMAIN SECTIONS para más información sobre estas expresiones regulares." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:206 sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:206 sssd.conf.5.xml:1770 msgid "full_name_format (string)" msgstr "full_name_format (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:209 sssd.conf.5.xml:1773 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -442,39 +442,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:220 sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:220 sssd.conf.5.xml:1784 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:221 sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:221 sssd.conf.5.xml:1785 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:224 sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:224 sssd.conf.5.xml:1788 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:227 sssd.conf.5.xml:1730 +#: sssd.conf.5.xml:227 sssd.conf.5.xml:1791 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:233 sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:233 sssd.conf.5.xml:1797 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:236 sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:236 sssd.conf.5.xml:1800 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:217 sssd.conf.5.xml:1781 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -602,12 +602,46 @@ msgstr "" "user@domain.name, para acceder." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:319 sssd-ldap.5.xml:662 sssd-ldap.5.xml:1470 -#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1564 sssd-krb5.5.xml:401 -#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214 +#: sssd.conf.5.xml:319 sssd-ldap.5.xml:649 sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1442 sssd-ldap.5.xml:1524 sssd-ad.5.xml:532 +#: sssd-ad.5.xml:597 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203 +#: include/ldap_id_mapping.xml:214 msgid "Default: not set" msgstr "Predeterminado: no definido" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:324 +#, fuzzy +#| msgid "override_shell (string)" +msgid "override_space (string)" +msgstr "override_shell (cadena)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:327 +msgid "" +"This parameter will replace spaces (space bar) with the given character for " +"user and group names. e.g. (_). User name "john doe" will be " +""john_doe" This feature was added to help compatibility with shell " +"scripts that have difficulty handling spaces, due to the default field " +"separator in the shell." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:336 +msgid "" +"Please note it is a configuration error to use a replacement character that " +"might be used in user or group names. If a name contains the replacement " +"character SSSD tries to return the unmodified name but in general the result " +"of a lookup is undefined." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:344 +#, fuzzy +#| msgid "Default: not set, i.e. FAST is not used." +msgid "Default: not set (spaces will not be replaced)" +msgstr "Por defecto: no fijado, esto es no se usa FAST." + #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:126 msgid "" @@ -626,12 +660,12 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:355 msgid "SERVICES SECTIONS" msgstr "SECCIONES DE SERVICIOS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:332 +#: sssd.conf.5.xml:357 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -644,22 +678,22 @@ msgstr "" "<quote>[nss]</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:364 msgid "General service configuration options" msgstr "Opciones de configuración de servicios generales" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:341 +#: sssd.conf.5.xml:366 msgid "These options can be used to configure any service." msgstr "Estas opciones pueden usarse para configurar cualquier servicio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:383 msgid "fd_limit" msgstr "fd_limit" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:361 +#: sssd.conf.5.xml:386 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -674,17 +708,17 @@ msgstr "" "valor más bajo de este o de limite “hard” en limits.conf." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:370 +#: sssd.conf.5.xml:395 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "Por defecto: 8192 (o limite “hard” en limits.conf)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:375 +#: sssd.conf.5.xml:400 msgid "client_idle_timeout" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:378 +#: sssd.conf.5.xml:403 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -696,19 +730,19 @@ msgstr "" "sistema." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:385 sssd.conf.5.xml:401 sssd.conf.5.xml:415 -#: sssd.conf.5.xml:632 sssd.conf.5.xml:792 sssd.conf.5.xml:1068 -#: sssd-ldap.5.xml:1212 +#: sssd.conf.5.xml:410 sssd.conf.5.xml:426 sssd.conf.5.xml:458 +#: sssd.conf.5.xml:675 sssd.conf.5.xml:835 sssd.conf.5.xml:1111 +#: sssd-ldap.5.xml:1172 msgid "Default: 60" msgstr "Predeterminado: 60" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:415 sssd.conf.5.xml:1100 msgid "force_timeout (integer)" msgstr "force_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:393 sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1103 msgid "" "If a service is not responding to ping checks (see the <quote>timeout</" "quote> option), it is first sent the SIGTERM signal that instructs it to " @@ -723,25 +757,50 @@ msgstr "" "una señal SIGKILL." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 +#: sssd.conf.5.xml:431 msgid "offline_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:409 +#: sssd.conf.5.xml:434 +msgid "" +"When SSSD switches to offline mode the amount of time before it tries to go " +"back online will increase based upon the time spent disconnected. This " +"value is in seconds and calculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:441 +msgid "offline_timeout + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:444 +msgid "" +"The random offset can increment up to 30 seconds. After each unsuccessful " +"attempt to go online, the new interval is recalculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:449 +msgid "new_interval = old_interval*2 + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:452 msgid "" -"If SSSD is in offline mode, and last attempt to go online was less than " -"number of seconds specified in this option ago, new requests for data will " -"not result in attempt to go online." +"Note that the maximum length of each interval is currently limited to one " +"hour. If the calculated length of new_interval is greater than an hour, it " +"will be forced to one hour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:467 msgid "NSS configuration options" msgstr "Opciones de configuración de NSS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:426 +#: sssd.conf.5.xml:469 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" @@ -749,12 +808,12 @@ msgstr "" "Switch (NSS)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:431 +#: sssd.conf.5.xml:474 msgid "enum_cache_timeout (integer)" msgstr "enum_cache_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:434 +#: sssd.conf.5.xml:477 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" @@ -763,17 +822,17 @@ msgstr "" "sobre todos los usuarios)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:481 msgid "Default: 120" msgstr "Predeterminado: 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:443 +#: sssd.conf.5.xml:486 msgid "entry_cache_nowait_percentage (integer)" msgstr "entry_cache_nowait_percentage (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:446 +#: sssd.conf.5.xml:489 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -784,7 +843,7 @@ msgstr "" "valor de entry_cache_timeout para el dominio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:452 +#: sssd.conf.5.xml:495 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -800,7 +859,7 @@ msgstr "" "actualización del cache." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:462 +#: sssd.conf.5.xml:505 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -813,17 +872,17 @@ msgstr "" "segundos. (0 deshabilita esta función)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:470 +#: sssd.conf.5.xml:513 msgid "Default: 50" msgstr "Predeterminado: 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:518 msgid "entry_negative_timeout (integer)" msgstr "entry_negative_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:478 +#: sssd.conf.5.xml:521 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -834,17 +893,17 @@ msgstr "" "entradas no existentes) antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:484 sssd.conf.5.xml:851 +#: sssd.conf.5.xml:527 sssd.conf.5.xml:894 msgid "Default: 15" msgstr "Predeterminado: 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:489 +#: sssd.conf.5.xml:532 msgid "filter_users, filter_groups (string)" msgstr "filter_users, filter_groups (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:492 +#: sssd.conf.5.xml:535 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set per-" @@ -857,17 +916,17 @@ msgstr "" "filtrar sólo usuario de un dominio concreto." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:499 +#: sssd.conf.5.xml:542 msgid "Default: root" msgstr "Predeterminado: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:504 +#: sssd.conf.5.xml:547 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:507 +#: sssd.conf.5.xml:550 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -875,12 +934,12 @@ msgstr "" "opción a false." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:561 msgid "fallback_homedir (string)" msgstr "fallback_homedir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:521 +#: sssd.conf.5.xml:564 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -889,7 +948,7 @@ msgstr "" "especificado una explícitamente por el proveedor de datos del dominio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:569 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -897,7 +956,7 @@ msgstr "" "override_homedir." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:532 +#: sssd.conf.5.xml:575 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -907,23 +966,23 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:530 include/override_homedir.xml:51 +#: sssd.conf.5.xml:573 include/override_homedir.xml:51 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "ejemplo: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:579 msgid "Default: not set (no substitution for unset home directories)" msgstr "" "Por defecto: no fijado (sin sustitución para los directorios home no fijados)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:542 +#: sssd.conf.5.xml:585 msgid "override_shell (string)" msgstr "override_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:545 +#: sssd.conf.5.xml:588 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -931,17 +990,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 +#: sssd.conf.5.xml:594 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "Por defecto: no fijado (SSSD usará el valor recuperado desde LDAP)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:557 +#: sssd.conf.5.xml:600 msgid "allowed_shells (string)" msgstr "allowed_shells (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:560 +#: sssd.conf.5.xml:603 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -949,12 +1008,12 @@ msgstr "" "evaluación es:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:563 +#: sssd.conf.5.xml:606 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "1. Si el shell está presente en <quote>/etc/shells</quote>, se usa." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:567 +#: sssd.conf.5.xml:610 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." @@ -963,7 +1022,7 @@ msgstr "" "shells</quote>, usa el valor del parámetro shell_fallback." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:572 +#: sssd.conf.5.xml:615 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." @@ -972,12 +1031,12 @@ msgstr "" "shells</quote>, se usará un shell de no acceso." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:577 +#: sssd.conf.5.xml:620 msgid "An empty string for shell is passed as-is to libc." msgstr "Una cadena vacía para el shell se pasa como-es a libc." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:580 +#: sssd.conf.5.xml:623 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." @@ -987,27 +1046,27 @@ msgstr "" "una nueva shell." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:627 msgid "Default: Not set. The user shell is automatically used." msgstr "Por defecto: No fijado. La shell del usuario se usa automáticamente." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:589 +#: sssd.conf.5.xml:632 msgid "vetoed_shells (string)" msgstr "vetoed_shells (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:592 +#: sssd.conf.5.xml:635 msgid "Replace any instance of these shells with the shell_fallback" msgstr "Reemplaza cualquier instancia de estos shells con shell_fallback" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:597 +#: sssd.conf.5.xml:640 msgid "shell_fallback (string)" msgstr "shell_fallback (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:643 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" @@ -1015,24 +1074,24 @@ msgstr "" "máquina." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:604 +#: sssd.conf.5.xml:647 msgid "Default: /bin/sh" msgstr "Predeterminado: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:652 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:655 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:618 +#: sssd.conf.5.xml:661 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" @@ -1042,12 +1101,12 @@ msgstr "" "normalmente /bin/sh)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:625 sssd.conf.5.xml:785 +#: sssd.conf.5.xml:668 sssd.conf.5.xml:828 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 sssd.conf.5.xml:788 +#: sssd.conf.5.xml:671 sssd.conf.5.xml:831 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1056,12 +1115,12 @@ msgstr "" "considerada válida." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:637 +#: sssd.conf.5.xml:680 msgid "memcache_timeout (int)" msgstr "memcache_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:640 +#: sssd.conf.5.xml:683 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" @@ -1070,17 +1129,17 @@ msgstr "" "escondrijo en memoria serán válidos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 sssd-ldap.5.xml:702 +#: sssd.conf.5.xml:687 sssd-ldap.5.xml:692 msgid "Default: 300" msgstr "Predeterminado: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:651 +#: sssd.conf.5.xml:694 msgid "PAM configuration options" msgstr "Opciones de configuración PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:653 +#: sssd.conf.5.xml:696 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1089,12 +1148,12 @@ msgstr "" "Authentication Module (PAM)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:701 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:704 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1103,17 +1162,17 @@ msgstr "" "los accesos escondidos (en días desde el último login en línea con éxito)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 sssd.conf.5.xml:679 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:722 msgid "Default: 0 (No limit)" msgstr "Predeterminado: 0 (Sin límite)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:672 +#: sssd.conf.5.xml:715 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:675 +#: sssd.conf.5.xml:718 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1122,12 +1181,12 @@ msgstr "" "login fallados están permitidos." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:685 +#: sssd.conf.5.xml:728 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:688 +#: sssd.conf.5.xml:731 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1137,7 +1196,7 @@ msgstr "" "intento de login sea posible." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:693 +#: sssd.conf.5.xml:736 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1148,17 +1207,17 @@ msgstr "" "éxito puede habilitar otra vez la autenticación fuera de línea." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 sssd.conf.5.xml:752 +#: sssd.conf.5.xml:742 sssd.conf.5.xml:795 msgid "Default: 5" msgstr "Predeterminado: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:705 +#: sssd.conf.5.xml:748 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:751 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1167,44 +1226,44 @@ msgstr "" "autenticación. Cuanto mayor sea el número de mensajes más aparecen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:713 +#: sssd.conf.5.xml:756 msgid "Currently sssd supports the following values:" msgstr "Actualmente sssd soporta los siguientes valores:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:716 +#: sssd.conf.5.xml:759 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: no mostrar ningún mensaje" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:719 +#: sssd.conf.5.xml:762 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: mostrar sólo mensajes importantes" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:723 +#: sssd.conf.5.xml:766 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: mostrar mensajes informativos" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:769 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: mostrar todos los mensajes e información de " "depuración" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:730 sssd.8.xml:63 +#: sssd.conf.5.xml:773 sssd.8.xml:63 msgid "Default: 1" msgstr "Predeterminado: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:735 +#: sssd.conf.5.xml:778 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:738 +#: sssd.conf.5.xml:781 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1216,7 +1275,7 @@ msgstr "" "información más actual." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:744 +#: sssd.conf.5.xml:787 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1230,17 +1289,17 @@ msgstr "" "proveedor de identidad." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:758 +#: sssd.conf.5.xml:801 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:761 sssd.conf.5.xml:1235 +#: sssd.conf.5.xml:804 sssd.conf.5.xml:1292 msgid "Display a warning N days before the password expires." msgstr "Mostrar una advertencia N días antes que la contraseña caduque." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:807 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1251,7 +1310,7 @@ msgstr "" "información desaparece, sssd no podrá mostrar un aviso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 sssd.conf.5.xml:1238 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1295 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1261,7 +1320,7 @@ msgstr "" "automáticamente." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:818 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." @@ -1270,17 +1329,17 @@ msgstr "" "<emphasis>pwd_expiration_warning</emphasis> para un dominio concreto." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 sssd.8.xml:79 +#: sssd.conf.5.xml:823 sssd.8.xml:79 msgid "Default: 0" msgstr "Predeterminado: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:800 +#: sssd.conf.5.xml:843 msgid "SUDO configuration options" msgstr "SUDO opciones de configuración" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:845 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1291,12 +1350,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:862 msgid "sudo_timed (bool)" msgstr "sudo_timed (booleano)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:822 +#: sssd.conf.5.xml:865 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -1305,22 +1364,22 @@ msgstr "" "entradas de sudoers dependientes del tiempo." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:878 msgid "AUTOFS configuration options" msgstr "Opciones de configuración AUTOFS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:880 msgid "These options can be used to configure the autofs service." msgstr "Estas opciones pueden ser usadas para configurar el servicio autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:884 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:887 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1331,22 +1390,22 @@ msgstr "" "existentes) antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:903 msgid "SSH configuration options" msgstr "Opciones de configuración SSH" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:862 +#: sssd.conf.5.xml:905 msgid "These options can be used to configure the SSH service." msgstr "Estas opciones se pueden usar para configurar el servicio SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:866 +#: sssd.conf.5.xml:909 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (booleano)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:869 +#: sssd.conf.5.xml:912 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -1355,12 +1414,12 @@ msgstr "" "known_host. " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:921 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:881 +#: sssd.conf.5.xml:924 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -1369,17 +1428,17 @@ msgstr "" "después de que se hayan pedido sus claves de host." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:928 msgid "Default: 180" msgstr "Por defecto: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:893 +#: sssd.conf.5.xml:936 msgid "PAC responder configuration options" msgstr "Opciones de configuración del respondedor PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:938 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1398,7 +1457,7 @@ msgstr "" "siguientes operaciones:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:904 +#: sssd.conf.5.xml:947 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1409,24 +1468,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:955 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:961 msgid "These options can be used to configure the PAC responder." msgstr "Estas opciones pueden ser usadas para configurar el respondedor PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:922 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:965 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:968 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1436,14 +1495,14 @@ msgstr "" "usuario que tiene el acceso permitido al respondedor PAC." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:974 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Por defecto: 0 (sólo el usuario root tiene permitido el acceso al " "respondedor PAC)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:978 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1456,17 +1515,17 @@ msgstr "" "lista de UIDs permitidas también." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:949 +#: sssd.conf.5.xml:992 msgid "DOMAIN SECTIONS" msgstr "SECCIONES DE DOMINIO" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:999 msgid "min_id,max_id (integer)" msgstr "min_id, max_id (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:1002 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -1475,7 +1534,7 @@ msgstr "" "está fuera de estos límites, ésta es ignorada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 +#: sssd.conf.5.xml:1007 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1488,24 +1547,24 @@ msgstr "" "reportados como en espera." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1014 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:1018 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Predeterminado: 1 para min_id, 0 (sin límite) para max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:981 +#: sssd.conf.5.xml:1024 msgid "enumerate (bool)" msgstr "enumerar (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:984 +#: sssd.conf.5.xml:1027 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" @@ -1514,23 +1573,23 @@ msgstr "" "de los siguientes valores:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:988 +#: sssd.conf.5.xml:1031 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = Usuarios y grupos son enumerados" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 +#: sssd.conf.5.xml:1034 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = Sin enumeraciones para este dominio" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 sssd.conf.5.xml:1212 sssd.conf.5.xml:1321 -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1037 sssd.conf.5.xml:1269 sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1395 msgid "Default: FALSE" msgstr "Predeterminado: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1040 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1550,7 +1609,7 @@ msgstr "" "las afiliaciones deben ser recalculadas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1053 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -1560,7 +1619,7 @@ msgstr "" "completen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1015 +#: sssd.conf.5.xml:1058 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1574,7 +1633,7 @@ msgstr "" "específico id_provider en uso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1023 +#: sssd.conf.5.xml:1066 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -1583,32 +1642,32 @@ msgstr "" "especialmente en entornos grandes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1074 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1081 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1082 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1085 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1086 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1077 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -1617,17 +1676,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd-ldap.5.xml:1765 +#: sssd.conf.5.xml:1094 sssd-ldap.5.xml:1725 msgid "Default: none" msgstr "Predeterminado: none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1117 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1077 +#: sssd.conf.5.xml:1120 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -1636,7 +1695,7 @@ msgstr "" "volver a consultar al backend" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1124 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -1647,17 +1706,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1094 +#: sssd.conf.5.xml:1137 msgid "Default: 5400" msgstr "Predeterminado: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1100 +#: sssd.conf.5.xml:1143 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1103 +#: sssd.conf.5.xml:1146 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -1666,18 +1725,19 @@ msgstr "" "antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 sssd.conf.5.xml:1120 sssd.conf.5.xml:1133 -#: sssd.conf.5.xml:1146 sssd.conf.5.xml:1159 sssd.conf.5.xml:1173 +#: sssd.conf.5.xml:1150 sssd.conf.5.xml:1163 sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1202 sssd.conf.5.xml:1216 +#: sssd.conf.5.xml:1230 msgid "Default: entry_cache_timeout" msgstr "Por defecto: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1156 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1116 +#: sssd.conf.5.xml:1159 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -1686,12 +1746,12 @@ msgstr "" "antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1169 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1172 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -1700,12 +1760,12 @@ msgstr "" "válidas antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1182 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1142 +#: sssd.conf.5.xml:1185 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -1714,12 +1774,12 @@ msgstr "" "antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1195 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1198 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -1728,12 +1788,12 @@ msgstr "" "preguntar al backend otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1208 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1211 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -1742,58 +1802,78 @@ msgstr "" "automontaje válidos antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1222 +#, fuzzy +#| msgid "entry_cache_sudo_timeout (integer)" +msgid "entry_cache_ssh_host_timeout (integer)" +msgstr "entry_cache_sudo_timeout (entero)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1225 +#, fuzzy +#| msgid "" +#| "How many seconds to keep a host in the managed known_hosts file after its " +#| "host keys were requested." +msgid "" +"How many seconds to keep a host ssh key after refresh. IE how long to cache " +"the host key for." +msgstr "" +"Cuantos segundos se mantiene un host en el fichero known_hosts gestionados " +"después de que se hayan pedido sus claves de host." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1236 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1239 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1187 +#: sssd.conf.5.xml:1244 msgid "Currently only refreshing expired netgroups is supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1248 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1195 sssd-ipa.5.xml:221 +#: sssd.conf.5.xml:1252 sssd-ipa.5.xml:221 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1201 +#: sssd.conf.5.xml:1258 msgid "cache_credentials (bool)" msgstr "cache_credentials (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1261 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Determina si las credenciales del usuario están también escondidas en el " "cache LDB local" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1208 +#: sssd.conf.5.xml:1265 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Las credenciales de usuario son almacenadas en un hash SHA512, no en texto " "plano" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1217 +#: sssd.conf.5.xml:1274 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1220 +#: sssd.conf.5.xml:1277 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1806,17 +1886,17 @@ msgstr "" "grande o igual que offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1284 msgid "Default: 0 (unlimited)" msgstr "Predeterminado: 0 (ilimitado)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1232 +#: sssd.conf.5.xml:1289 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1243 +#: sssd.conf.5.xml:1300 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1829,17 +1909,17 @@ msgstr "" "configurar un proveedor de autorización para el backend." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1307 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Por defecto: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1256 +#: sssd.conf.5.xml:1313 msgid "id_provider (string)" msgstr "id_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1259 +#: sssd.conf.5.xml:1316 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -1847,17 +1927,17 @@ msgstr "" "soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1320 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "<quote>proxy</quote>: Soporta un proveedor NSS legado" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:1441 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "<quote>local</quote>: Proveedor interno SSSD para usuarios locales" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 +#: sssd.conf.5.xml:1327 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1868,8 +1948,8 @@ msgstr "" "información sobre la configuración de LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 sssd.conf.5.xml:1364 sssd.conf.5.xml:1415 -#: sssd.conf.5.xml:1468 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1421 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1529 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1882,8 +1962,8 @@ msgstr "" "configuración de FreeIPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1373 sssd.conf.5.xml:1424 -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1344 sssd.conf.5.xml:1430 sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1538 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1895,12 +1975,12 @@ msgstr "" "Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1355 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1301 +#: sssd.conf.5.xml:1358 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -1910,7 +1990,7 @@ msgstr "" "NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1363 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1924,7 +2004,7 @@ msgstr "" "command> lo haría." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1371 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -1932,17 +2012,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1326 +#: sssd.conf.5.xml:1383 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1329 +#: sssd.conf.5.xml:1386 msgid "Do not return group members for group lookups." msgstr "No devuelve miembros de grupo para búsquedas de grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1332 +#: sssd.conf.5.xml:1389 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -1953,12 +2033,12 @@ msgstr "" "llamadas de búsqueda de grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1343 +#: sssd.conf.5.xml:1400 msgid "auth_provider (string)" msgstr "auth_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1346 +#: sssd.conf.5.xml:1403 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -1967,7 +2047,7 @@ msgstr "" "autenticación soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1469 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1978,7 +2058,7 @@ msgstr "" "citerefentry> para más información sobre la configuración LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1414 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1989,7 +2069,7 @@ msgstr "" "citerefentry> para más información sobre la configuración de Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1438 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -1997,12 +2077,12 @@ msgstr "" "objetivo PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1445 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> deshabilita la autenticación explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1387 +#: sssd.conf.5.xml:1448 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -2011,12 +2091,12 @@ msgstr "" "manejar las peticiones de autenticación." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1393 +#: sssd.conf.5.xml:1454 msgid "access_provider (string)" msgstr "access_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1396 +#: sssd.conf.5.xml:1457 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2027,7 +2107,7 @@ msgstr "" "proveedores especiales internos son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1463 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -2036,12 +2116,12 @@ msgstr "" "sólo permitido para un dominio local." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1466 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> siempre niega el acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1493 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2054,17 +2134,17 @@ msgstr "" "configuración del módulo de acceso sencillo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1439 +#: sssd.conf.5.xml:1500 msgid "Default: <quote>permit</quote>" msgstr "Predeterminado: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1444 +#: sssd.conf.5.xml:1505 msgid "chpass_provider (string)" msgstr "chpass_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1508 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -2073,7 +2153,7 @@ msgstr "" "el dominio. Los proveedores de cambio de passweord soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1452 +#: sssd.conf.5.xml:1513 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2085,7 +2165,7 @@ msgstr "" "configurar LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1521 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2096,7 +2176,7 @@ msgstr "" "citerefentry> para más información sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1546 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -2104,13 +2184,13 @@ msgstr "" "otros objetivos PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1550 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" "<quote>none</quote> deniega explícitamente los cambios en la contraseña." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1553 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -2119,18 +2199,18 @@ msgstr "" "puede manejar las peticiones de cambio de password." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1560 msgid "sudo_provider (string)" msgstr "sudo_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1563 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "El proveedor SUDO usado por el dominio. Los proveedores SUDO soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1506 +#: sssd.conf.5.xml:1567 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2141,33 +2221,33 @@ msgstr "" "citerefentry> para más información sobre la configuración LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1514 +#: sssd.conf.5.xml:1575 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1579 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1522 +#: sssd.conf.5.xml:1583 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote>deshabilita SUDO explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1525 sssd.conf.5.xml:1594 sssd.conf.5.xml:1626 -#: sssd.conf.5.xml:1651 +#: sssd.conf.5.xml:1586 sssd.conf.5.xml:1655 sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1712 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Por defecto: el valor de <quote>id_provider</quote> se usa si está fijado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1590 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2178,12 +2258,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1607 msgid "selinux_provider (string)" msgstr "selinux_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1610 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2194,7 +2274,7 @@ msgstr "" "finalice. Los proveedores selinux soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1555 +#: sssd.conf.5.xml:1616 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2206,14 +2286,14 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1624 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" "<quote>none</quote> deshabilita ir a buscar los ajustes selinux " "explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1566 +#: sssd.conf.5.xml:1627 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -2222,12 +2302,12 @@ msgstr "" "manejar las peticiones de carga selinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1633 msgid "subdomains_provider (string)" msgstr "subdomains_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1636 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -2237,7 +2317,7 @@ msgstr "" "soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1581 +#: sssd.conf.5.xml:1642 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2249,18 +2329,18 @@ msgstr "" "configuración de IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1651 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" "<quote>none</quote> deshabilita el buscador de subdominios explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 +#: sssd.conf.5.xml:1662 msgid "autofs_provider (string)" msgstr "autofs_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 +#: sssd.conf.5.xml:1665 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -2268,7 +2348,7 @@ msgstr "" "son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1669 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2280,7 +2360,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1615 +#: sssd.conf.5.xml:1676 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2292,17 +2372,17 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 +#: sssd.conf.5.xml:1684 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> deshabilita autofs explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1694 msgid "hostid_provider (string)" msgstr "hostid_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1697 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -2311,7 +2391,7 @@ msgstr "" "proveedores de hostid soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1640 +#: sssd.conf.5.xml:1701 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2323,12 +2403,12 @@ msgstr "" "configuración de IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1709 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> deshabilita hostid explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 +#: sssd.conf.5.xml:1722 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -2338,7 +2418,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1731 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -2351,22 +2431,22 @@ msgstr "" "nombres de usuario:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1736 msgid "username" msgstr "nombre de usuario" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1739 msgid "username@domain.name" msgstr "username@domain.name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1681 +#: sssd.conf.5.xml:1742 msgid "domain\\username" msgstr "dominio/nombre_de_usuario" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1745 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -2376,7 +2456,7 @@ msgstr "" "dominios Windows." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1750 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -2387,7 +2467,7 @@ msgstr "" "el nombre, el dominio es el resto detrás de este signo\"" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1695 +#: sssd.conf.5.xml:1756 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -2399,7 +2479,7 @@ msgstr "" "subplantillas sin nombre único." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1763 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." @@ -2408,17 +2488,17 @@ msgstr "" "soportan la sintaxis Python (?P<name>) para identificar subpatrones." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1749 +#: sssd.conf.5.xml:1810 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Predeterminado: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1816 msgid "lookup_family_order (string)" msgstr "lookup_family_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1819 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -2427,42 +2507,42 @@ msgstr "" "a usar cuando se lleven a cabo búsquedas DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1762 +#: sssd.conf.5.xml:1823 msgid "Supported values:" msgstr "Valores soportados:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1826 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "ipv4_first: Intenta buscar dirección IPv4, si falla, intenta IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1829 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "ipv4_only: Sólo intenta resolver nombres de host a direccones IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1832 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "ipv6_first: Intenta buscar dirección IPv6, si falla, intenta IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1835 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "ipv6_only: Sólo intenta resolver nombres de host a direccones IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1838 msgid "Default: ipv4_first" msgstr "Predeterminado: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1844 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1847 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -2473,18 +2553,18 @@ msgstr "" "espera, el dominio continuará operativo en modo fuera de línea." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1792 sssd-ldap.5.xml:1196 sssd-ldap.5.xml:1238 -#: sssd-ldap.5.xml:1253 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1853 sssd-ldap.5.xml:1156 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1213 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "Predeterminado: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1859 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1801 +#: sssd.conf.5.xml:1862 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -2493,47 +2573,86 @@ msgstr "" "de dominio de la pregunta al descubridor de servicio DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1866 msgid "Default: Use the domain part of machine's hostname" msgstr "" "Predeterminado: Utilizar la parte del dominio del nombre de host del equipo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1811 +#: sssd.conf.5.xml:1872 msgid "override_gid (integer)" msgstr "override_gid (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1875 msgid "Override the primary GID value with the one specified." msgstr "Anula el valor primario GID con el especificado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1820 -msgid "case_sensitive (boolean)" +#: sssd.conf.5.xml:1881 +#, fuzzy +#| msgid "case_sensitive (boolean)" +msgid "case_sensitive (string)" msgstr "case_sensitive (boolean)" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1889 +msgid "True" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1892 +msgid "Case sensitive. This value is invalid for AD provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1898 +msgid "False" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1900 +msgid "Case insensitive." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1904 +msgid "Preserving" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1907 +msgid "" +"Same as False (case insensitive), but does not lowercase names in the output " +"of getpwnam and getgrnam." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1884 +#, fuzzy +#| msgid "" +#| "Treat user and group names as case sensitive. At the moment, this option " +#| "is not supported in the local provider." msgid "" "Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." +"not supported in the local provider. Possible option values are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" "Trata a los nombres de usuario y grupo como sensibles al teclado. En este " "momento, esta opción no está soportada en el proveedor local." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1828 sssd-ldap.5.xml:1020 sssd-ad.5.xml:397 -msgid "Default: True" -msgstr "Predeterminado: True" +#: sssd.conf.5.xml:1916 +msgid "Default: True (False for AD provider)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1922 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 +#: sssd.conf.5.xml:1925 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -2547,22 +2666,22 @@ msgstr "" "razones de rendimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1851 +#: sssd.conf.5.xml:1939 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1950 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1951 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1854 +#: sssd.conf.5.xml:1942 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -2572,7 +2691,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1956 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -2580,23 +2699,23 @@ msgstr "" "emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1960 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Por defecto: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1877 +#: sssd.conf.5.xml:1965 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1880 +#: sssd.conf.5.xml:1968 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:994 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2608,17 +2727,17 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1893 +#: sssd.conf.5.xml:1981 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1896 +#: sssd.conf.5.xml:1984 msgid "The proxy target PAM proxies to." msgstr "El proxy de destino PAM próximo a." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1899 +#: sssd.conf.5.xml:1987 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -2627,12 +2746,12 @@ msgstr "" "pam existente o crear una nueva y añadir el nombre de servicio aquí." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1995 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1998 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2643,7 +2762,7 @@ msgstr "" "$(function), por ejemplo _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1977 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -2652,12 +2771,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1922 +#: sssd.conf.5.xml:2010 msgid "The local domain section" msgstr "La sección de dominio local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:2012 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2668,29 +2787,29 @@ msgstr "" "utiliza <replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1931 +#: sssd.conf.5.xml:2019 msgid "default_shell (string)" msgstr "default_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:2022 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "El shell predeterminado para los usuarios creados con herramientas de " "espacio de usuario SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1938 +#: sssd.conf.5.xml:2026 msgid "Default: <filename>/bin/bash</filename>" msgstr "Predeterminado: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1943 +#: sssd.conf.5.xml:2031 msgid "base_directory (string)" msgstr "base_directory (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2034 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -2700,17 +2819,17 @@ msgstr "" "de inicio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:2039 msgid "Default: <filename>/home</filename>" msgstr "Predeterminado: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1956 +#: sssd.conf.5.xml:2044 msgid "create_homedir (bool)" msgstr "create_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2047 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -2719,17 +2838,17 @@ msgstr "" "Puede ser anulado desde la línea de comando." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1963 sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2051 sssd.conf.5.xml:2063 msgid "Default: TRUE" msgstr "Predeterminado: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1968 +#: sssd.conf.5.xml:2056 msgid "remove_homedir (bool)" msgstr "remove_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:2059 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -2738,12 +2857,12 @@ msgstr "" "borrados. Puede ser anulado desde la línea de comando." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1980 +#: sssd.conf.5.xml:2068 msgid "homedir_umask (integer)" msgstr "homedir_umask (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1983 +#: sssd.conf.5.xml:2071 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2754,17 +2873,17 @@ msgstr "" "predeterminados en un directorio de inicio recién creado." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:2079 msgid "Default: 077" msgstr "Predeterminado: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:2084 msgid "skel_dir (string)" msgstr "skel_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1999 +#: sssd.conf.5.xml:2087 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2777,17 +2896,17 @@ msgstr "" "<manvolnum>8</manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2009 +#: sssd.conf.5.xml:2097 msgid "Default: <filename>/etc/skel</filename>" msgstr "Predeterminado: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2102 msgid "mail_dir (string)" msgstr "mail_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2105 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2798,17 +2917,17 @@ msgstr "" "Si no se especifica, se utiliza un valor por defecto." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2112 msgid "Default: <filename>/var/mail</filename>" msgstr "Predeterminado: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2117 msgid "userdel_cmd (string)" msgstr "userdel_cmd (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2032 +#: sssd.conf.5.xml:2120 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2819,18 +2938,19 @@ msgstr "" "único parámetro. El código de retorno del comando no es tenido en cuenta." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2126 msgid "Default: None, no command is run" msgstr "Predeterminado: None, no se ejecuta comando" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2048 sssd-ldap.5.xml:2489 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:552 sssd-ad.5.xml:447 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:2136 sssd-ldap.5.xml:2476 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:552 sssd-ad.5.xml:792 sssd-krb5.5.xml:519 +#: sss_rpcidmapd.5.xml:98 msgid "EXAMPLE" msgstr "EJEMPLO" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2142 #, no-wrap msgid "" "[sssd]\n" @@ -2884,7 +3004,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2050 +#: sssd.conf.5.xml:2138 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3066,7 +3186,7 @@ msgstr "" "http://www.ietf.org/rfc/rfc2254.txt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:645 sssd-ad.5.xml:212 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:632 sssd-ad.5.xml:212 msgid "Examples:" msgstr "Ejemplos:" @@ -3295,7 +3415,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "El atributo LDAP que corresponde al id del grupo primario del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:830 msgid "Default: gidNumber" msgstr "Predeterminado: gidNumber" @@ -3349,27 +3469,11 @@ msgstr "Predeterminado: loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:341 -msgid "ldap_user_uuid (string)" -msgstr "ldap_user_uuid (cadena)" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:344 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" -"El atributo LDAP que contiene el GUID/UUID de un objeto de usuario LDAP." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:866 sssd-ldap.5.xml:1103 -msgid "Default: nsUniqueId" -msgstr "Predeterminado: nsUniqueId" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:354 msgid "ldap_user_objectsid (string)" msgstr "ldap_user_objectsid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:344 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." @@ -3378,18 +3482,18 @@ msgstr "" "es normalmente sólo necesario para servidores ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:880 +#: sssd-ldap.5.xml:349 sssd-ldap.5.xml:857 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" "Por defecto: objectSid para ActiveDirectory, no fijado para otros servidores." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:369 +#: sssd-ldap.5.xml:356 msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:890 sssd-ldap.5.xml:1112 +#: sssd-ldap.5.xml:359 sssd-ldap.5.xml:867 sssd-ldap.5.xml:1072 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -3398,17 +3502,17 @@ msgstr "" "objeto primario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:894 sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:363 sssd-ldap.5.xml:871 sssd-ldap.5.xml:1079 msgid "Default: modifyTimestamp" msgstr "Predeterminado: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:382 +#: sssd-ldap.5.xml:369 msgid "ldap_user_shadow_last_change (string)" msgstr "ldap_user_shadow_last_change (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:385 +#: sssd-ldap.5.xml:372 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3421,17 +3525,17 @@ msgstr "" "citerefentry> homologo (fecha del último cambio de password)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:382 msgid "Default: shadowLastChange" msgstr "Predeterminado: shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:401 +#: sssd-ldap.5.xml:388 msgid "ldap_user_shadow_min (string)" msgstr "ldap_user_shadow_min (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:391 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3444,17 +3548,17 @@ msgstr "" "citerefentry> homologo (edad mínima del password)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:413 +#: sssd-ldap.5.xml:400 msgid "Default: shadowMin" msgstr "Predeterminado: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:419 +#: sssd-ldap.5.xml:406 msgid "ldap_user_shadow_max (string)" msgstr "ldap_user_shadow_max (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:422 +#: sssd-ldap.5.xml:409 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3467,17 +3571,17 @@ msgstr "" "citerefentry> homologo (edad máxima del password)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 +#: sssd-ldap.5.xml:418 msgid "Default: shadowMax" msgstr "Predeterminado: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 +#: sssd-ldap.5.xml:424 msgid "ldap_user_shadow_warning (string)" msgstr "ldap_user_shadow_warning (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 +#: sssd-ldap.5.xml:427 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3490,17 +3594,17 @@ msgstr "" "citerefentry> homologo (período de aviso de password)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 +#: sssd-ldap.5.xml:437 msgid "Default: shadowWarning" msgstr "Predeterminado: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 +#: sssd-ldap.5.xml:443 msgid "ldap_user_shadow_inactive (string)" msgstr "ldap_user_shadow_inactive (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 +#: sssd-ldap.5.xml:446 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3513,17 +3617,17 @@ msgstr "" "citerefentry> homologo (período de inactividad de password)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:469 +#: sssd-ldap.5.xml:456 msgid "Default: shadowInactive" msgstr "Predeterminado: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:475 +#: sssd-ldap.5.xml:462 msgid "ldap_user_shadow_expire (string)" msgstr "ldap_user_shadow_expire (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:478 +#: sssd-ldap.5.xml:465 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -3537,17 +3641,17 @@ msgstr "" "expiración de la cuenta)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:488 +#: sssd-ldap.5.xml:475 msgid "Default: shadowExpire" msgstr "Predeterminado: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:494 +#: sssd-ldap.5.xml:481 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "ldap_user_krb_last_pwd_change (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:497 +#: sssd-ldap.5.xml:484 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -3558,17 +3662,17 @@ msgstr "" "de password en kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 +#: sssd-ldap.5.xml:490 msgid "Default: krbLastPwdChange" msgstr "Predeterminado: krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:509 +#: sssd-ldap.5.xml:496 msgid "ldap_user_krb_password_expiration (string)" msgstr "ldap_user_krb_password_expiration (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:512 +#: sssd-ldap.5.xml:499 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." @@ -3578,17 +3682,17 @@ msgstr "" "el password actual." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:518 +#: sssd-ldap.5.xml:505 msgid "Default: krbPasswordExpiration" msgstr "Predeterminado: krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:524 +#: sssd-ldap.5.xml:511 msgid "ldap_user_ad_account_expires (string)" msgstr "ldap_user_ad_account_expires (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." @@ -3597,17 +3701,17 @@ msgstr "" "nombre de un atributo LDAP que almacena el tiempo de expiración de la cuenta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:519 msgid "Default: accountExpires" msgstr "Predeterminado: accountExpires" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:538 +#: sssd-ldap.5.xml:525 msgid "ldap_user_ad_user_account_control (string)" msgstr "ldap_user_ad_user_account_control (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:528 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." @@ -3617,17 +3721,17 @@ msgstr "" "de usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:546 +#: sssd-ldap.5.xml:533 msgid "Default: userAccountControl" msgstr "Predeterminado: userAccountControl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:552 +#: sssd-ldap.5.xml:539 msgid "ldap_ns_account_lock (string)" msgstr "ldap_ns_account_lock (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:542 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." @@ -3636,17 +3740,17 @@ msgstr "" "determina si el acceso está permitido o no." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:547 msgid "Default: nsAccountLock" msgstr "Predeterminado: nsAccountLock" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:553 msgid "ldap_user_nds_login_disabled (string)" msgstr "ldap_user_nds_login_disabled (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:556 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." @@ -3655,17 +3759,17 @@ msgstr "" "acceso está permitido o no." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:573 sssd-ldap.5.xml:587 +#: sssd-ldap.5.xml:560 sssd-ldap.5.xml:574 msgid "Default: loginDisabled" msgstr "Predeterminado: loginDisabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:579 +#: sssd-ldap.5.xml:566 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "ldap_user_nds_login_expiration_time (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:582 +#: sssd-ldap.5.xml:569 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." @@ -3674,12 +3778,12 @@ msgstr "" "que fecha se concede el acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:593 +#: sssd-ldap.5.xml:580 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "ldap_user_nds_login_allowed_time_map (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:583 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." @@ -3688,17 +3792,17 @@ msgstr "" "hora de un día en la semana cuando se concede el acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:601 +#: sssd-ldap.5.xml:588 msgid "Default: loginAllowedTimeMap" msgstr "Predeterminado: loginAllowedTimeMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:607 +#: sssd-ldap.5.xml:594 msgid "ldap_user_principal (string)" msgstr "ldap_user_principal (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:597 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." @@ -3707,24 +3811,24 @@ msgstr "" "del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:614 +#: sssd-ldap.5.xml:601 msgid "Default: krbPrincipalName" msgstr "Predeterminado: krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:620 +#: sssd-ldap.5.xml:607 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:623 +#: sssd-ldap.5.xml:610 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:628 +#: sssd-ldap.5.xml:615 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -3734,7 +3838,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:625 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -3742,46 +3846,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 +#: sssd-ldap.5.xml:635 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:638 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:642 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:645 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:655 msgid "ldap_user_ssh_public_key (string)" msgstr "ldap_user_ssh_public_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:671 +#: sssd-ldap.5.xml:658 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "El atributo LDAP que contiene las claves públicas SSH del usuario." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:662 +#, fuzzy +#| msgid "Default: sudoRole" +msgid "Default: sshPublicKey" +msgstr "Por defecto: sudoRole" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:668 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:671 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -3794,12 +3905,12 @@ msgstr "" "usar mayúsculas reales." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:694 +#: sssd-ldap.5.xml:684 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 +#: sssd-ldap.5.xml:687 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -3808,12 +3919,12 @@ msgstr "" "escondrijo de los registros enumerados." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:698 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 +#: sssd-ldap.5.xml:701 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -3824,55 +3935,57 @@ msgstr "" "para guardar espacio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:707 msgid "Setting this option to zero will disable the cache cleanup operation." msgstr "" "Establecer esta opción en cero desactivará la operación de limpieza de la " "caché." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:721 -msgid "Default: 10800 (12 hours)" +#: sssd-ldap.5.xml:711 +#, fuzzy +#| msgid "Default: 10800 (12 hours)" +msgid "Default: 10800 (3 hours)" msgstr "Predeterminado: 10800 (12 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:727 +#: sssd-ldap.5.xml:717 msgid "ldap_user_fullname (string)" msgstr "ldap_user_fullname (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:730 +#: sssd-ldap.5.xml:720 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "El atributo LDAP que corresponde al nombre completo del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 sssd-ldap.5.xml:827 sssd-ldap.5.xml:1053 -#: sssd-ldap.5.xml:1144 sssd-ldap.5.xml:2084 sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:724 sssd-ldap.5.xml:817 sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1104 sssd-ldap.5.xml:2071 sssd-ldap.5.xml:2410 msgid "Default: cn" msgstr "Predeterminado: cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:730 msgid "ldap_user_member_of (string)" msgstr "ldap_user_member_of (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:743 +#: sssd-ldap.5.xml:733 msgid "The LDAP attribute that lists the user's group memberships." msgstr "El atributo LDAP que lista los afiliación a grupo de usario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:737 msgid "Default: memberOf" msgstr "Predeterminado: memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:753 +#: sssd-ldap.5.xml:743 msgid "ldap_user_authorized_service (string)" msgstr "ldap_user_authorized_service (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:756 +#: sssd-ldap.5.xml:746 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -3883,7 +3996,7 @@ msgstr "" "usuario para determinar el privilegio de acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:763 +#: sssd-ldap.5.xml:753 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." @@ -3892,7 +4005,7 @@ msgstr "" "permiso explícito (svc) y finalmente permitir todo (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:758 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -3900,17 +4013,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:765 msgid "Default: authorizedService" msgstr "Predeterminado: iluminada" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:771 msgid "ldap_user_authorized_host (string)" msgstr "ldap_user_authorized_host (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:784 +#: sssd-ldap.5.xml:774 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -3921,7 +4034,7 @@ msgstr "" "el privilegio de acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:790 +#: sssd-ldap.5.xml:780 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." @@ -3930,7 +4043,7 @@ msgstr "" "SSSD para permiso explícito (host) y finalmente permitir todo (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:785 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -3938,77 +4051,67 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:802 +#: sssd-ldap.5.xml:792 msgid "Default: host" msgstr "Default: host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:798 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 +#: sssd-ldap.5.xml:801 msgid "The object class of a group entry in LDAP." msgstr "La clase de objeto de una entrada de grupo LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:804 msgid "Default: posixGroup" msgstr "Por defecto: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:810 msgid "ldap_group_name (string)" msgstr "ldap_group_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:823 +#: sssd-ldap.5.xml:813 msgid "The LDAP attribute that corresponds to the group name." msgstr "El atributo LDAP que corresponde al nombre de grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:823 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:826 msgid "The LDAP attribute that corresponds to the group's id." msgstr "El atributo LDAP que corresponde al id del grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:846 +#: sssd-ldap.5.xml:836 msgid "ldap_group_member (string)" msgstr "ldap_group_member (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:849 +#: sssd-ldap.5.xml:839 msgid "The LDAP attribute that contains the names of the group's members." msgstr "El atributo LDAP que contiene los nombres de los miembros del grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:843 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "Valor predeterminado: memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 -msgid "ldap_group_uuid (string)" -msgstr "ldap_group_uuid (cadena)" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "El atributo LDAP que contiene el UUID/GUID de un objeto de grupo LDAP." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:872 +#: sssd-ldap.5.xml:849 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:875 +#: sssd-ldap.5.xml:852 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." @@ -4017,24 +4120,24 @@ msgstr "" "normalmente sólo necesario para servidores ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:864 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:877 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:880 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:885 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4042,17 +4145,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:914 +#: sssd-ldap.5.xml:891 msgid "Default: groupType in the AD provider, othewise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:921 +#: sssd-ldap.5.xml:898 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:924 +#: sssd-ldap.5.xml:901 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4064,7 +4167,7 @@ msgstr "" "esquema RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:908 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4074,7 +4177,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:940 +#: sssd-ldap.5.xml:917 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later it " @@ -4083,17 +4186,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:947 +#: sssd-ldap.5.xml:924 msgid "Default: 2" msgstr "Predeterminado: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:930 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "ldap_groups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:933 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -4104,7 +4207,7 @@ msgstr "" "despliegues con grupos complejos o profundamente anidados." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:939 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." @@ -4114,7 +4217,7 @@ msgstr "" "muy complejos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 sssd-ldap.5.xml:994 +#: sssd-ldap.5.xml:944 sssd-ldap.5.xml:971 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -4125,7 +4228,7 @@ msgstr "" "esencialmente “auto-detect”." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:950 sssd-ldap.5.xml:977 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -4138,18 +4241,18 @@ msgstr "" "documentation</ulink> para más detalles." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 sssd-ldap.5.xml:1006 sssd-ldap.5.xml:1311 -#: sssd-ldap.5.xml:1332 sssd-ldap.5.xml:1838 include/ldap_id_mapping.xml:242 +#: sssd-ldap.5.xml:956 sssd-ldap.5.xml:983 sssd-ldap.5.xml:1271 +#: sssd-ldap.5.xml:1292 sssd-ldap.5.xml:1798 include/ldap_id_mapping.xml:242 msgid "Default: False" msgstr "Por defecto: False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:985 +#: sssd-ldap.5.xml:962 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "ldap_initgroups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:988 +#: sssd-ldap.5.xml:965 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -4160,80 +4263,85 @@ msgstr "" "notable cuando se trata con grupos complejos o profundamente anidados)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:989 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1015 +#: sssd-ldap.5.xml:992 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:997 sssd-ad.5.xml:742 sss_rpcidmapd.5.xml:76 +msgid "Default: True" +msgstr "Predeterminado: True" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1003 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1006 msgid "The object class of a netgroup entry in LDAP." msgstr "La clase de objeto de una entrada netgroup en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1009 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "En proveedor IPA, ipa_netgroup_object_class, se usaría en su lugar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1013 msgid "Default: nisNetgroup" msgstr "Predeterminado: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1019 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1045 +#: sssd-ldap.5.xml:1022 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "El atributo LDAP que corresponde al nombre del netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1049 +#: sssd-ldap.5.xml:1026 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "Un proveedor IPA, ipa_netgroup_name sería usado en su lugar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1059 +#: sssd-ldap.5.xml:1036 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1039 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" "El atributo LDAP que contiene los nombres de los miembros de grupo de red." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 +#: sssd-ldap.5.xml:1043 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "Un proveedor IPA, ipa_netgroup_member sería usado en su lugar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1047 msgid "Default: memberNisNetgroup" msgstr "Predeterminado: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1053 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1056 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" @@ -4241,59 +4349,42 @@ msgstr "" "de red." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1116 +#: sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1076 msgid "This option is not available in IPA provider." msgstr "Esta opción no está disponible en el proveedor IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1086 +#: sssd-ldap.5.xml:1063 msgid "Default: nisNetgroupTriple" msgstr "Predeterminado: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1092 -msgid "ldap_netgroup_uuid (string)" -msgstr "ldap_netgroup_uuid (cadena)" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1095 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" -"El atributo LDAP que contiene el UUID/GUID de un objeto de grupo de red LDAP." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1099 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "Un proveedor IPA ipa_netgroup_uuid sería usado en su lugar." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1109 +#: sssd-ldap.5.xml:1069 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_object_class (string)" msgstr "ldap_service_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1088 msgid "The object class of a service entry in LDAP." msgstr "La clase objeto de una entrada de servicio en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1091 msgid "Default: ipService" msgstr "Por defecto: ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1097 msgid "ldap_service_name (string)" msgstr "ldap_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1100 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." @@ -4301,49 +4392,49 @@ msgstr "" "El atributo LDAP que contiene el nombre de servicio de atributos y sus alias." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1110 msgid "ldap_service_port (string)" msgstr "ldap_service_port (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1113 msgid "The LDAP attribute that contains the port managed by this service." msgstr "El atributo LDAP que contiene el puerto manejado por este servicio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1117 msgid "Default: ipServicePort" msgstr "Por defecto: ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1123 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1166 +#: sssd-ldap.5.xml:1126 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" "El atributo LDAP que contiene los protocolos entendidos por este servicio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1130 msgid "Default: ipServiceProtocol" msgstr "Por defecto: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1176 +#: sssd-ldap.5.xml:1136 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1141 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -4354,7 +4445,7 @@ msgstr "" "escondidos devueltos (y se entra en modo fuera de línea)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1190 +#: sssd-ldap.5.xml:1150 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -4365,12 +4456,12 @@ msgstr "" "espera para tipos específicos de búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1162 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1205 +#: sssd-ldap.5.xml:1165 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -4382,12 +4473,12 @@ msgstr "" "fuera de línea)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1178 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1181 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -4404,12 +4495,12 @@ msgstr "" "citerefentry> vuelve en caso de no actividad." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1204 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:1207 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -4421,12 +4512,12 @@ msgstr "" "enlazador SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1219 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1262 +#: sssd-ldap.5.xml:1222 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -4439,17 +4530,17 @@ msgstr "" "temprano (este valor contra el tiempo de vida TGT)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:1230 sssd-ldap.5.xml:2228 msgid "Default: 900 (15 minutes)" msgstr "Predeterminado: 900 (15 minutos)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1236 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1239 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -4458,17 +4549,17 @@ msgstr "" "Algunos servidores LDAP hacen cumplir un límite máximo por petición." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1244 msgid "Default: 1000" msgstr "Predeterminado: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1250 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1293 +#: sssd-ldap.5.xml:1253 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -4479,7 +4570,7 @@ msgstr "" "RootDSE pero no está habilitado o no se comporta apropiadamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1259 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -4489,7 +4580,7 @@ msgstr "" "pero es incapaz de usarlo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1265 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -4500,17 +4591,17 @@ msgstr "" "puede ocasionar que algunas peticiones sean denegadas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1277 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1280 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1323 +#: sssd-ldap.5.xml:1283 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -4520,12 +4611,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1298 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1301 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -4536,19 +4627,19 @@ msgstr "" "de esta opción son definidos por OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1307 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Por defecto: Usa el sistema por defecto (normalmente especificado por ldap." "conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1314 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1317 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -4559,7 +4650,7 @@ msgstr "" "deference. Si hay menos miembros desaparecidos, se buscarán individualmente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1323 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" @@ -4567,7 +4658,7 @@ msgstr "" "a 0." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1327 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -4580,7 +4671,7 @@ msgstr "" "soportados son 389/RHDS, OpenLDAP y Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1335 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -4591,12 +4682,12 @@ msgstr "" "será deshabilitado sin tener en cuenta este ajuste." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1348 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 +#: sssd-ldap.5.xml:1351 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -4606,7 +4697,7 @@ msgstr "" "los siguientes valores:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1397 +#: sssd-ldap.5.xml:1357 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -4615,7 +4706,7 @@ msgstr "" "certificado de servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1361 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -4626,7 +4717,7 @@ msgstr "" "certificado malo, será ignorado y la sesión continua normalmente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1368 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -4637,7 +4728,7 @@ msgstr "" "certificado malo, la sesión se termina inmediatamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1374 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -4648,22 +4739,22 @@ msgstr "" "termina inmediatamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1380 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = Igual que <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1424 +#: sssd-ldap.5.xml:1384 msgid "Default: hard" msgstr "Predeterminado: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1390 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1393 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -4672,7 +4763,7 @@ msgstr "" "de Certificación que <command>sssd</command> reconocerá." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1438 sssd-ldap.5.xml:1456 sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1398 sssd-ldap.5.xml:1416 sssd-ldap.5.xml:1457 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -4681,12 +4772,12 @@ msgstr "" "etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1445 +#: sssd-ldap.5.xml:1405 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1408 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -4700,33 +4791,33 @@ msgstr "" "para crear los nombres correctos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1463 +#: sssd-ldap.5.xml:1423 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1466 +#: sssd-ldap.5.xml:1426 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" "Especifica el fichero que contiene el certificado para la clave del cliente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1436 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1439 msgid "Specifies the file that contains the client's key." msgstr "Especifica el archivo que contiene la clave del cliente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1448 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1451 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -4737,12 +4828,12 @@ msgstr "" "conf</refentrytitle> <manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1504 +#: sssd-ldap.5.xml:1464 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -4751,12 +4842,12 @@ msgstr "" "<systemitem class=\"protocol\">tls</systemitem> para proteger el canal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1477 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1480 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -4767,18 +4858,18 @@ msgstr "" "ldap_user_uid_number y ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1486 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "Actualmente está función soporta sólo mapeos de objectSID de ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1496 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1499 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -4789,17 +4880,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1511 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1517 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -4808,12 +4899,12 @@ msgstr "" "probado y soportado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1530 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1533 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -4826,17 +4917,17 @@ msgstr "" "myhost@EXAMPLE.COM) o sólo en nombre principal (por ejemplo host/myhost)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1541 msgid "Default: host/hostname@REALM" msgstr "Por defecto: host/nombre_de_host@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1547 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1590 +#: sssd-ldap.5.xml:1550 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -4847,17 +4938,17 @@ msgstr "" "reino también, esta opción se ignora." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1556 msgid "Default: the value of krb5_realm." msgstr "Por defecto: el valor de krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1562 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1565 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -4866,34 +4957,34 @@ msgstr "" "para para canocalizar el nombre de host durante una unión SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1570 msgid "Default: false;" msgstr "Predeterminado: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1576 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1619 +#: sssd-ldap.5.xml:1579 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "Especifica la keytab a usar cuando se utilice SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1622 +#: sssd-ldap.5.xml:1582 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Por defecto: Keytab del sistema, normalmente <filename>/etc/krb5.keytab</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1628 +#: sssd-ldap.5.xml:1588 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1631 +#: sssd-ldap.5.xml:1591 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -4904,27 +4995,27 @@ msgstr "" "es GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1643 +#: sssd-ldap.5.xml:1603 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1606 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "Especifica el tiempo de vida en segundos del TGT si se usa GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 sssd-ad.5.xml:383 +#: sssd-ldap.5.xml:1610 sssd-ad.5.xml:728 msgid "Default: 86400 (24 hours)" msgstr "Predeterminado: 86400 (24 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 +#: sssd-ldap.5.xml:1619 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4943,7 +5034,7 @@ msgstr "" "información, vea la sección <quote>SERVICE DISCOVERY</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1671 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1631 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4954,7 +5045,7 @@ msgstr "" "regresa a _tcp si no se encuentra nada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1636 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4966,29 +5057,29 @@ msgstr "" "configuración para usar <quote>krb5_server</quote> en su lugar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1645 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1688 +#: sssd-ldap.5.xml:1648 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "Especifica el REALM Kerberos (para autorización SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1651 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Predeterminado: Predeterminados del sistema, vea <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1697 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1657 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1660 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -4997,12 +5088,12 @@ msgstr "" "servidor LDAP. Esta función está disponible con MIT Kerberos >= 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1712 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1672 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1715 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1675 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5012,7 +5103,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1726 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1686 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5020,12 +5111,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1740 +#: sssd-ldap.5.xml:1700 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1703 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -5034,7 +5125,7 @@ msgstr "" "del cliente. Los siguientes valores son permitidos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1708 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -5043,7 +5134,7 @@ msgstr "" "no puede deshabilitar las políticas de password en el lado servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1753 +#: sssd-ldap.5.xml:1713 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5054,7 +5145,7 @@ msgstr "" "manvolnum></citerefentry> para evaluar si la contraseña ha expirado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1759 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5066,26 +5157,26 @@ msgstr "" "password." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1768 +#: sssd-ldap.5.xml:1728 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1736 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1739 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" "Especifica si el seguimiento de referencias automático debería ser " "habilitado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1743 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -5094,7 +5185,7 @@ msgstr "" "está compilado con OpenLDAP versión 2.4.13 o más alta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1788 +#: sssd-ldap.5.xml:1748 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5107,29 +5198,29 @@ msgstr "" "esta opción a false le llevará a una notable mejora de rendimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1762 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 +#: sssd-ldap.5.xml:1765 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Especifica el nombre del servicio para utilizar cuando está habilitado el " "servicio de descubrimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1809 +#: sssd-ldap.5.xml:1769 msgid "Default: ldap" msgstr "Predeterminado: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1775 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1778 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -5139,17 +5230,17 @@ msgstr "" "descubrimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1823 +#: sssd-ldap.5.xml:1783 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Por defecto: no fijado, esto es servicio descubridor deshabilitado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1789 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1792 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -5158,12 +5249,12 @@ msgstr "" "desde el Epoch después de una operación de cambio de contraseña." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1804 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1847 +#: sssd-ldap.5.xml:1807 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5179,12 +5270,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1867 +#: sssd-ldap.5.xml:1827 msgid "Example:" msgstr "Ejemplo:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1870 +#: sssd-ldap.5.xml:1830 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5193,14 +5284,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1874 +#: sssd-ldap.5.xml:1834 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1839 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5213,17 +5304,17 @@ msgstr "" "obteniendo acceso mientras esté fuera de línea y viceversa." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1887 sssd-ldap.5.xml:1944 +#: sssd-ldap.5.xml:1847 sssd-ldap.5.xml:1904 msgid "Default: Empty" msgstr "Predeterminado: vacío" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1853 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1856 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -5232,7 +5323,7 @@ msgstr "" "control de acceso del lado cliente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:1860 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5243,12 +5334,12 @@ msgstr "" "una código de error definible aunque el password sea correcto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1907 +#: sssd-ldap.5.xml:1867 msgid "The following values are allowed:" msgstr "Los siguientes valores están permitidos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1910 +#: sssd-ldap.5.xml:1870 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -5257,7 +5348,7 @@ msgstr "" "determinar si la cuenta ha expirado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1875 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5270,7 +5361,7 @@ msgstr "" "se comprueba el tiempo de expiración de la cuenta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1922 +#: sssd-ldap.5.xml:1882 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5281,7 +5372,7 @@ msgstr "" "el acceso o no." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1928 +#: sssd-ldap.5.xml:1888 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5294,7 +5385,7 @@ msgstr "" "permitido. Si ambos atributos están desaparecidos se concede el acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1897 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5302,29 +5393,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1910 msgid "ldap_access_order (string)" msgstr "ldap_access_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1953 +#: sssd-ldap.5.xml:1913 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Lista separada por coma de opciones de control de acceso. Los valores " "permitidos son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1917 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filtro</emphasis>: utilizar ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:1920 +msgid "" +"<emphasis>lockout</emphasis>: use account locking. If set, this option " +"denies access in case that ldap attribute 'pwdAccountLockedTime' is present " +"and has value of '000001010000Z'. Please see the option ldap_pwdlockout_dn." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1927 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>caducar</emphasis>: utilizar ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1931 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -5333,18 +5432,18 @@ msgstr "" "autorizedService para determinar el acceso" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1969 +#: sssd-ldap.5.xml:1936 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: usa el atributo host para determinar el acceso" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:1940 msgid "Default: filter" msgstr "Predeterminado: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1943 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -5353,12 +5452,38 @@ msgstr "" "una vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1983 +#: sssd-ldap.5.xml:1950 +#, fuzzy +#| msgid "ldap_pwd_policy (string)" +msgid "ldap_pwdlockout_dn (string)" +msgstr "ldap_pwd_policy (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1953 +msgid "" +"This option specifies the DN of password policy entry on LDAP server. Please " +"note that absence of this option in sssd.conf in case of enabled account " +"lockout checking will yield access denied as ppolicy attributes on LDAP " +"server cannot be checked properly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1961 +msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1964 +msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1970 msgid "ldap_deref (string)" msgstr "ldap_deref (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:1973 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -5367,13 +5492,13 @@ msgstr "" "lleva a cabo una búsqueda. Están permitidas las siguientes opciones:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:1978 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" "<emphasis>never</emphasis>: Nunca serán eliminadas las referencias al alias." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:1982 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -5383,7 +5508,7 @@ msgstr "" "búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:1987 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -5392,7 +5517,7 @@ msgstr "" "cuando se localice el objeto base de la búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2005 +#: sssd-ldap.5.xml:1992 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -5401,7 +5526,7 @@ msgstr "" "para la búsqueda como en la localización del objeto base de la búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2010 +#: sssd-ldap.5.xml:1997 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -5410,12 +5535,12 @@ msgstr "" "librerías cliente LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2018 +#: sssd-ldap.5.xml:2005 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2008 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -5424,7 +5549,7 @@ msgstr "" "servidores que usan el esquema RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2012 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -5442,7 +5567,7 @@ msgstr "" "llamadas getpw*() o initgroups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2036 +#: sssd-ldap.5.xml:2023 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -5468,12 +5593,12 @@ msgstr "" "completos. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2052 +#: sssd-ldap.5.xml:2039 msgid "SUDO OPTIONS" msgstr "OPCIONES SUDO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2054 +#: sssd-ldap.5.xml:2041 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -5481,52 +5606,52 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2052 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2055 msgid "The object class of a sudo rule entry in LDAP." msgstr "El objeto clase de una regla de entrada sudo en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2071 +#: sssd-ldap.5.xml:2058 msgid "Default: sudoRole" msgstr "Por defecto: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2064 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2067 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "El atributo LDAP que corresponde a la regla nombre de sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2090 +#: sssd-ldap.5.xml:2077 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2080 msgid "The LDAP attribute that corresponds to the command name." msgstr "El atributo LDAP que corresponde al nombre de comando." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2097 +#: sssd-ldap.5.xml:2084 msgid "Default: sudoCommand" msgstr "Por defecto: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2103 +#: sssd-ldap.5.xml:2090 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2093 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -5535,17 +5660,17 @@ msgstr "" "red IP del host o grupo de red del host)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2111 +#: sssd-ldap.5.xml:2098 msgid "Default: sudoHost" msgstr "Por defecto: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2117 +#: sssd-ldap.5.xml:2104 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2120 +#: sssd-ldap.5.xml:2107 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -5554,32 +5679,32 @@ msgstr "" "grupo o grupo de red del usuario)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2111 msgid "Default: sudoUser" msgstr "Por defecto: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2130 +#: sssd-ldap.5.xml:2117 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2133 +#: sssd-ldap.5.xml:2120 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "El atributo LDAP que corresponde a las opciones sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2137 +#: sssd-ldap.5.xml:2124 msgid "Default: sudoOption" msgstr "Por defecto: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2143 +#: sssd-ldap.5.xml:2130 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2146 +#: sssd-ldap.5.xml:2133 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." @@ -5588,17 +5713,17 @@ msgstr "" "pueden ejecutar como." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2150 +#: sssd-ldap.5.xml:2137 msgid "Default: sudoRunAsUser" msgstr "Por defectot: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2143 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2146 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -5607,17 +5732,17 @@ msgstr "" "ejecutar comandos como." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2150 msgid "Default: sudoRunAsGroup" msgstr "Por defecto: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2156 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2159 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." @@ -5626,17 +5751,17 @@ msgstr "" "regla sudo es válida." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2176 +#: sssd-ldap.5.xml:2163 msgid "Default: sudoNotBefore" msgstr "Por defecto: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2182 +#: sssd-ldap.5.xml:2169 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2172 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." @@ -5645,32 +5770,32 @@ msgstr "" "la regla sudo dejará de ser válida." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2177 msgid "Default: sudoNotAfter" msgstr "Por defecto: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2183 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2199 +#: sssd-ldap.5.xml:2186 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "El atributo LDAP que corresponde al índice de ordenación de la regla." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2203 +#: sssd-ldap.5.xml:2190 msgid "Default: sudoOrder" msgstr "Por defecto: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:2196 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2199 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -5680,7 +5805,7 @@ msgstr "" "servidor)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2204 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -5689,17 +5814,17 @@ msgstr "" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2209 msgid "Default: 21600 (6 hours)" msgstr "Por defecto: 21600 (6 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2215 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2218 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -5710,7 +5835,7 @@ msgstr "" "USBN más alto que el USN más alto de las reglas escondidas)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2237 +#: sssd-ldap.5.xml:2224 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -5719,12 +5844,12 @@ msgstr "" "atributo modifyTimestamp." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2234 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2237 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -5733,12 +5858,12 @@ msgstr "" "máquina (usando las direcciones de host/red y nombres de host IPv4 o IPv6)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2248 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2264 +#: sssd-ldap.5.xml:2251 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -5747,7 +5872,7 @@ msgstr "" "totalmente cualificados que sería usada para filtrar las reglas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2256 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -5756,8 +5881,8 @@ msgstr "" "nombre de dominio totalmente cualificado automáticamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2315 -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2261 sssd-ldap.5.xml:2284 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2320 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -5766,17 +5891,17 @@ msgstr "" "emphasis> esta opción no tiene efecto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2279 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2266 sssd-ldap.5.xml:2289 msgid "Default: not specified" msgstr "Por defecto: no especificado" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2272 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2288 +#: sssd-ldap.5.xml:2275 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -5785,7 +5910,7 @@ msgstr "" "usada para filtrar las reglas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2293 +#: sssd-ldap.5.xml:2280 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -5794,12 +5919,12 @@ msgstr "" "automáticamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2295 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "sudo_include_netgroups (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2311 +#: sssd-ldap.5.xml:2298 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -5808,12 +5933,12 @@ msgstr "" "atributo sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2326 +#: sssd-ldap.5.xml:2313 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2316 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -5822,7 +5947,7 @@ msgstr "" "atributo sudoHost." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2345 +#: sssd-ldap.5.xml:2332 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -5835,12 +5960,12 @@ msgstr "" "manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2342 msgid "AUTOFS OPTIONS" msgstr "OPCIONES AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2344 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." @@ -5849,62 +5974,62 @@ msgstr "" "defecto del RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2350 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2366 +#: sssd-ldap.5.xml:2353 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2369 +#: sssd-ldap.5.xml:2356 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2376 +#: sssd-ldap.5.xml:2363 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2379 sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2392 msgid "The object class of an automount map entry in LDAP." msgstr "El objeto clase de una entrada de mapa de automontaje en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2369 sssd-ldap.5.xml:2396 msgid "Default: automountMap" msgstr "Por defecto: automountMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2376 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2379 msgid "The name of an automount map entry in LDAP." msgstr "El nombre de una entrada de mapa de automontaje en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2382 msgid "Default: ou" msgstr "Por defecto: ou" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2402 +#: sssd-ldap.5.xml:2389 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2416 +#: sssd-ldap.5.xml:2403 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2419 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:2406 sssd-ldap.5.xml:2420 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -5913,17 +6038,17 @@ msgstr "" "normalmente a un punto de montaje." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2430 +#: sssd-ldap.5.xml:2417 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2437 +#: sssd-ldap.5.xml:2424 msgid "Default: automountInformation" msgstr "Por defecto: automountInformation" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2348 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -5932,37 +6057,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2434 msgid "ADVANCED OPTIONS" msgstr "OPCIONES AVANZADAS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2441 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2459 +#: sssd-ldap.5.xml:2446 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2451 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2469 +#: sssd-ldap.5.xml:2456 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2461 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2449 +#: sssd-ldap.5.xml:2436 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -5974,7 +6099,7 @@ msgstr "" ">" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2491 +#: sssd-ldap.5.xml:2478 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -5985,7 +6110,7 @@ msgstr "" "replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2484 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -6005,20 +6130,20 @@ msgstr "" " cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2496 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 -#: sssd-ad.5.xml:455 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2483 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 +#: sssd-ad.5.xml:800 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2509 sssd_krb5_locator_plugin.8.xml:61 -#: sssd-simple.5.xml:148 sssd-ad.5.xml:470 sssd.8.xml:191 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2496 sssd_krb5_locator_plugin.8.xml:61 +#: sssd-simple.5.xml:148 sssd-ad.5.xml:815 sssd.8.xml:195 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTAS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2498 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -6627,7 +6752,7 @@ msgstr "" "host." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:320 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:665 msgid "dyndns_update (boolean)" msgstr "" @@ -6642,7 +6767,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:334 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:679 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -6660,12 +6785,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:345 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:690 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:348 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:693 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -6686,12 +6811,12 @@ msgid "Default: 1200 (seconds)" msgstr "Por defecto: 1200 (segundos)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:359 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:704 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:362 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:707 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -6733,12 +6858,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:373 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:718 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:376 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:721 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -6746,12 +6871,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:389 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:734 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:392 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:737 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -6770,19 +6895,19 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:403 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:748 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:406 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:751 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:410 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:755 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -6886,7 +7011,7 @@ msgstr "" "Verifica con la ayuda de krb5_keytab que el TGT obtenido no ha sido burlado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:359 sssd-ad.5.xml:776 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -6987,7 +7112,7 @@ msgstr "" "muchas peticiones de control de acceso hechas en un corto período." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 sssd-ad.5.xml:330 msgid "Default: 5 (seconds)" msgstr "Predeterminado: 5 (segundos)" @@ -7494,8 +7619,407 @@ msgstr "" msgid "Default: permissive" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:320 +#, fuzzy +#| msgid "ldap_purge_cache_timeout (integer)" +msgid "ad_gpo_cache_timeout (integer)" +msgstr "ldap_purge_cache_timeout (entero)" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:323 +#, fuzzy +#| msgid "" +#| "The amount of time between lookups of the HBAC rules against the IPA " +#| "server. This will reduce the latency and load on the IPA server if there " +#| "are many access-control requests made in a short period." +msgid "" +"The amount of time between lookups of GPO policy files against the AD " +"server. This will reduce the latency and load on the AD server if there are " +"many access-control requests made in a short period." +msgstr "" +"La cantidad de tiempo entre vbúsquedas de las reglas HBAC contra el servidor " +"IPA. Esto reducirá la latencia y la carga sobre el servidor IPA si hay " +"muchas peticiones de control de acceso hechas en un corto período." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:336 +#, fuzzy +#| msgid "ad_domain (string)" +msgid "ad_gpo_map_interactive (string)" +msgstr "ad_domain (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:339 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the InteractiveLogonRight and " +"DenyInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:354 +#, no-wrap +msgid "" +" ad_gpo_map_interactive = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:345 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>login</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:358 sssd-ad.5.xml:423 sssd-ad.5.xml:458 sssd-ad.5.xml:498 +#: sssd-ad.5.xml:559 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:362 +#, fuzzy +#| msgid "login UID" +msgid "login" +msgstr "UID de acceso" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:367 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:372 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:377 +msgid "gdm-fingerprint" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:382 +#, fuzzy +#| msgid "password" +msgid "gdm-password" +msgstr "contraseña" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:387 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:392 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:401 +#, fuzzy +#| msgid "ldap_user_shadow_inactive (string)" +msgid "ad_gpo_map_remote_interactive (string)" +msgstr "ldap_user_shadow_inactive (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:404 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the RemoteInteractiveLogonRight and " +"DenyRemoteInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:419 +#, no-wrap +msgid "" +" ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:410 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>sshd</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:427 +msgid "sshd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:436 +#, fuzzy +#| msgid "ad_domain (string)" +msgid "ad_gpo_map_network (string)" +msgstr "ad_domain (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:439 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the NetworkLogonRight and " +"DenyNetworkLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:454 +#, no-wrap +msgid "" +" ad_gpo_map_network = +my_pam_service, -ftp\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>ftp</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:462 +msgid "ftp" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:467 +msgid "samba" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:476 +#, fuzzy +#| msgid "ad_domain (string)" +msgid "ad_gpo_map_batch (string)" +msgstr "ad_domain (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:479 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " +"policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:494 +#, no-wrap +msgid "" +" ad_gpo_map_batch = +my_pam_service, -crond\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:485 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>crond</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:502 +msgid "crond" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:511 +#, fuzzy +#| msgid "ldap_service_name (string)" +msgid "ad_gpo_map_service (string)" +msgstr "ldap_service_name (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:514 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the ServiceLogonRight and " +"DenyServiceLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:528 +#, no-wrap +msgid "" +" ad_gpo_map_service = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:520 sssd-ad.5.xml:585 +msgid "" +"It is possible to add a PAM service name to the default set by using <quote>" +"+service_name</quote>. Since the default set is empty, it is not possible " +"to remove a PAM service name from the default set. For example, in order to " +"add a custom pam service name (e.g. <quote>my_pam_service</quote>), you " +"would use the following configuration: <placeholder type=\"programlisting\" " +"id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:538 +#, fuzzy +#| msgid "ad_domain (string)" +msgid "ad_gpo_map_permit (string)" +msgstr "ad_domain (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:541 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always granted, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:555 +#, no-wrap +msgid "" +" ad_gpo_map_permit = +my_pam_service, -sudo\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:546 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for unconditionally permitted " +"access (e.g. <quote>sudo</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:563 +#, fuzzy +#| msgid "sssd-sudo" +msgid "sudo" +msgstr "sssd-sudo" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:568 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:577 +#, fuzzy +#| msgid "ad_domain (string)" +msgid "ad_gpo_map_deny (string)" +msgstr "ad_domain (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:580 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always denied, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:593 +#, no-wrap +msgid "" +" ad_gpo_map_deny = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:603 +#, fuzzy +#| msgid "ldap_default_authtok (string)" +msgid "ad_gpo_default_right (string)" +msgstr "ldap_default_authtok (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:606 +msgid "" +"This option defines how access control is evaluated for PAM service names " +"that are not explicitly listed in one of the ad_gpo_map_* options. This " +"option can be set in two different manners. First, this option can be set to " +"use a default logon right. For example, if this option is set to " +"'interactive', it means that unmapped PAM service names will be processed " +"based on the InteractiveLogonRight and DenyInteractiveLogonRight policy " +"settings. Alternatively, this option can be set to either always permit or " +"always deny access for unmapped PAM service names." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:619 +msgid "Supported values for this option include:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:623 +msgid "interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:628 +msgid "remote_interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:633 +msgid "network" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:638 +msgid "batch" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:643 +#, fuzzy +#| msgid "services" +msgid "service" +msgstr "servicios" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:648 +msgid "permit" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:653 +msgid "deny" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:659 +#, fuzzy +#| msgid "Default: cn" +msgid "Default: deny" +msgstr "Predeterminado: cn" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:668 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -7506,29 +8030,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:353 +#: sssd-ad.5.xml:698 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:712 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:419 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:764 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:422 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:767 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:449 +#: sssd-ad.5.xml:794 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -7539,7 +8063,7 @@ msgstr "" "Este ejemplo muestra sólo las opciones específicas del proveedor AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:456 +#: sssd-ad.5.xml:801 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -7563,7 +8087,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:476 +#: sssd-ad.5.xml:821 #, no-wrap msgid "" "access_provider = ldap\n" @@ -7575,7 +8099,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:817 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -7586,10 +8110,13 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:482 +#: sssd-ad.5.xml:827 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " -"configured, the default access provider is <quote>permit</quote>." +"configured, the default access provider is <quote>permit</quote>. Please " +"note that if you configure an access provider other than <quote>ad</quote>, " +"you need to set all the connection parameters (such as LDAP URIs and " +"encryption details) manually." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> @@ -8059,28 +8586,33 @@ msgstr "SIGUSR1" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." +"Tells the SSSD to simulate offline operation for the duration of the " +"<quote>offline_timeout</quote> parameter. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" -"Le dice a SSSD que simule la operación fuera de línea por un minuto. Esto es " -"mayormente útil para propósitos de prueba." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 +#: sssd.8.xml:182 msgid "SIGUSR2" msgstr "SIGUSR2" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 +#: sssd.8.xml:185 +#, fuzzy +#| msgid "" +#| "Tells the SSSD to go online immediately. This is mostly useful for " +#| "testing purposes." msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." +"Tells the SSSD to go online immediately. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" "Le dice a SSD que se ponga en línea inmediatamente. Esto es mayormente útil " "para propósitos de prueba." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 +#: sssd.8.xml:197 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -9437,6 +9969,45 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:162 +#, fuzzy +#| msgid "" +#| "<option>-u</option>,<option>--user</option> <replaceable>login</" +#| "replaceable>" +msgid "" +"<option>-h</option>,<option>--ssh-host</option> <replaceable>hostname</" +"replaceable>" +msgstr "" +"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:167 +#, fuzzy +#| msgid "Invalidate specific user." +msgid "Invalidate SSH public keys of a specific host." +msgstr "Invalida el usuario específico." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:173 +#, fuzzy +#| msgid "<option>-s</option>,<option>--stdin</option>" +msgid "<option>-H</option>,<option>--ssh-hosts</option>" +msgstr "<option>-s</option>,<option>--stdin</option>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:177 +#, fuzzy +#| msgid "" +#| "Invalidate all autofs maps. This option overrides invalidation of " +#| "specific map if it was also set." +msgid "" +"Invalidate SSH public keys of all hosts. This option overrides invalidation " +"of SSH public keys of specific host if it was also set." +msgstr "" +"Invalida todos los mapas autofs. Esta opción anula la invalidación de mapa " +"específico si fue fijada." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:185 msgid "" "<option>-d</option>,<option>--domain</option> <replaceable>domain</" "replaceable>" @@ -9445,7 +10016,7 @@ msgstr "" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_cache.8.xml:167 +#: sss_cache.8.xml:190 msgid "Restrict invalidation process only to a particular domain." msgstr "Restringe el proceso de invalidación sólo a un dominio concreto." @@ -9778,6 +10349,184 @@ msgstr "" msgid "Default: not set. Only the default set of POSIX attributes is allowed." msgstr "" +#. type: Content of: <reference><refentry><refentryinfo> +#: sss_rpcidmapd.5.xml:8 +msgid "" +"<productname>sss rpc.idmapd plugin</productname> <author> <firstname>Noam</" +"firstname> <surname>Meltzer</surname> <affiliation> <orgname>Primary Data " +"Inc.</orgname> </affiliation> <contrib>Developer (2013-2014)</contrib> </" +"author> <author> <firstname>Noam</firstname> <surname>Meltzer</surname> " +"<contrib>Developer (2014-)</contrib> <email>tsnoam@gmail.com</email> </" +"author>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_rpcidmapd.5.xml:26 sss_rpcidmapd.5.xml:32 +#, fuzzy +#| msgid "sss_groupmod" +msgid "sss_rpcidmapd" +msgstr "sss_groupmod" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_rpcidmapd.5.xml:33 +msgid "sss plugin configuration directives for rpc.idmapd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:37 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "CONFIGURATION FILE" +msgstr "OPCIONES DE CONFIGURACIÓN" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:39 +#, fuzzy +#| msgid "" +#| "Specifies acceptable cipher suites. Typically this is a colon sperated " +#| "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " +#| "<manvolnum>5</manvolnum></citerefentry> for format." +msgid "" +"rpc.idmapd configuration file is usually found at <emphasis>/etc/idmapd." +"conf</emphasis>. See <citerefentry> <refentrytitle>idmapd.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more information." +msgstr "" +"Especifica los conjuntos aceptables de cifrado. Normalmente es una lista " +"separada por dos puntos. Vea el formato en <citerefentry><refentrytitle>ldap." +"conf</refentrytitle> <manvolnum>5</manvolnum></citerefentry>." + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:49 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "SSS CONFIGURATION EXTENSION" +msgstr "OPCIONES DE CONFIGURACIÓN" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:51 +msgid "Enable SSS plugin" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:53 +msgid "" +"In section <quote>[Translation]</quote>, modify/set <quote>Method</quote> " +"attribute to contain <emphasis>sss</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:59 +#, fuzzy +#| msgid "The [sssd] section" +msgid "[sss] config section" +msgstr "La sección [sssd]" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:61 +msgid "" +"In order to change the default of one of the configuration attributes of the " +"<emphasis>sss</emphasis> plugin listed below you will need to create a " +"config section for it, named <quote>[sss]</quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> +#: sss_rpcidmapd.5.xml:67 +#, fuzzy +#| msgid "Configuration" +msgid "Configuration attributes" +msgstr "Configuración" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sss_rpcidmapd.5.xml:69 +#, fuzzy +#| msgid "enumerate (bool)" +msgid "memcache (bool)" +msgstr "enumerar (bool)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sss_rpcidmapd.5.xml:72 +msgid "Indicates whether or not to use memcache optimisation technique." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:85 +msgid "SSSD INTEGRATION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:87 +msgid "" +"The sss plugin requires the <emphasis>NSS Responder</emphasis> to be enabled " +"in sssd." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:91 +msgid "" +"The attribute <quote>use_fully_qualified_names</quote> must be enabled on " +"all domains (NFSv4 clients expect a fully qualified name to be sent on the " +"wire)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_rpcidmapd.5.xml:103 +#, no-wrap +msgid "" +"[General]\n" +"Verbosity = 2\n" +"# domain must be synced between NFSv4 server and clients\n" +"# Solaris/Illumos/AIX use \"localdomain\" as default!\n" +"Domain = default\n" +"\n" +"[Mapping]\n" +"Nobody-User = nfsnobody\n" +"Nobody-Group = nfsnobody\n" +"\n" +"[Translation]\n" +"Method = sss\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:100 +#, fuzzy +#| msgid "" +#| "The following example shows a typical SSSD config. It does not describe " +#| "configuration of the domains themselves - refer to documentation on " +#| "configuring domains for more details. <placeholder type=\"programlisting" +#| "\" id=\"0\"/>" +msgid "" +"The following example shows a minimal idmapd.conf which makes use of the sss " +"plugin. <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" +"El siguiente ejemplo muestra una configuración SSSD típica. No describe la " +"configuración de los dominios en si mismos – vea la documentación sobre la " +"configuración de dominios para más detalles. <placeholder type=" +"\"programlisting\" id=\"0\"/>" + +#. type: Content of: <refsect1><title> +#: sss_rpcidmapd.5.xml:120 include/seealso.xml:2 +msgid "SEE ALSO" +msgstr "VEA TAMBIEN" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:122 +#, fuzzy +#| msgid "" +#| "This manual page describes how to configure <citerefentry> " +#| "<refentrytitle>sudo</refentrytitle> <manvolnum>8</manvolnum> </" +#| "citerefentry> to work with <citerefentry> <refentrytitle>sssd</" +#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> and how SSSD " +#| "caches sudo rules." +msgid "" +"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>idmapd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>" +msgstr "" +"Esta página de manual describe como configurar <citerefentry> " +"<refentrytitle>sudo</refentrytitle> <manvolnum>8</manvolnum> </citerefentry> " +"para trabajar con <citerefentry> <refentrytitle>sssd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> y como SSSD esconde reglas sudo." + #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 msgid "sss_ssh_authorizedkeys" @@ -10801,11 +11550,6 @@ msgstr "" "command> y <command>sss_group*</command> usan un almacenamiento LDB local " "para almacenar usuarios y grupos." -#. type: Content of: <refsect1><title> -#: include/seealso.xml:2 -msgid "SEE ALSO" -msgstr "VEA TAMBIEN" - #. type: Content of: <refsect1><para> #: include/seealso.xml:4 msgid "" @@ -10846,7 +11590,9 @@ msgid "" "manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> " "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>. <citerefentry> " +"<refentrytitle>sss_rpcidmapd</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>" msgstr "" #. type: Content of: <listitem><para> @@ -11006,3 +11752,41 @@ msgstr "" #: include/homedir_substring.xml:15 msgid "Default: /home" msgstr "" + +#~ msgid "ldap_user_uuid (string)" +#~ msgstr "ldap_user_uuid (cadena)" + +#~ msgid "" +#~ "The LDAP attribute that contains the UUID/GUID of an LDAP user object." +#~ msgstr "" +#~ "El atributo LDAP que contiene el GUID/UUID de un objeto de usuario LDAP." + +#~ msgid "Default: nsUniqueId" +#~ msgstr "Predeterminado: nsUniqueId" + +#~ msgid "ldap_group_uuid (string)" +#~ msgstr "ldap_group_uuid (cadena)" + +#~ msgid "" +#~ "The LDAP attribute that contains the UUID/GUID of an LDAP group object." +#~ msgstr "" +#~ "El atributo LDAP que contiene el UUID/GUID de un objeto de grupo LDAP." + +#~ msgid "ldap_netgroup_uuid (string)" +#~ msgstr "ldap_netgroup_uuid (cadena)" + +#~ msgid "" +#~ "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." +#~ msgstr "" +#~ "El atributo LDAP que contiene el UUID/GUID de un objeto de grupo de red " +#~ "LDAP." + +#~ msgid "In IPA provider, ipa_netgroup_uuid should be used instead." +#~ msgstr "Un proveedor IPA ipa_netgroup_uuid sería usado en su lugar." + +#~ msgid "" +#~ "Tells the SSSD to simulate offline operation for one minute. This is " +#~ "mostly useful for testing purposes." +#~ msgstr "" +#~ "Le dice a SSSD que simule la operación fuera de línea por un minuto. Esto " +#~ "es mayormente útil para propósitos de prueba." diff --git a/src/man/po/eu.po b/src/man/po/eu.po index d0f4feab3..d706f63c9 100644 --- a/src/man/po/eu.po +++ b/src/man/po/eu.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 1.8.95\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2014-06-04 19:59+0300\n" +"POT-Creation-Date: 2014-09-08 20:55+0300\n" "PO-Revision-Date: 2012-07-18 21:31+0300\n" "Last-Translator: Automatically generated\n" "Language-Team: none\n" @@ -23,8 +23,8 @@ msgstr "" #: sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 #: sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 #: sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5 -#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_ssh_authorizedkeys.1.xml:5 -#: sss_ssh_knownhostsproxy.1.xml:5 +#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_rpcidmapd.5.xml:5 +#: sss_ssh_authorizedkeys.1.xml:5 sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" msgstr "" @@ -120,14 +120,14 @@ msgstr "" #. type: Content of: <reference><refentry><refmeta><manvolnum> #: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 #: sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11 -#: sssd-ifp.5.xml:11 +#: sssd-ifp.5.xml:11 sss_rpcidmapd.5.xml:27 msgid "5" msgstr "" #. type: Content of: <reference><refentry><refmeta><refmiscinfo> #: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 #: sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12 -#: sssd-ifp.5.xml:12 +#: sssd-ifp.5.xml:12 sss_rpcidmapd.5.xml:28 msgid "File Formats and Conventions" msgstr "" @@ -219,11 +219,11 @@ msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:79 sssd.conf.5.xml:511 sssd.conf.5.xml:873 -#: sssd-ldap.5.xml:1637 sssd-ldap.5.xml:1734 sssd-ldap.5.xml:1796 -#: sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2320 sssd-ldap.5.xml:2338 +#: sssd.conf.5.xml:79 sssd.conf.5.xml:554 sssd.conf.5.xml:916 +#: sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1756 +#: sssd-ldap.5.xml:2242 sssd-ldap.5.xml:2307 sssd-ldap.5.xml:2325 #: sssd-ipa.5.xml:356 sssd-ipa.5.xml:391 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:339 sssd-ad.5.xml:428 sssd-krb5.5.xml:490 +#: sssd-ad.5.xml:684 sssd-ad.5.xml:773 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "" @@ -238,16 +238,16 @@ msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:90 sssd.conf.5.xml:827 sssd.conf.5.xml:1845 -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:1511 sssd-ldap.5.xml:1530 -#: sssd-ldap.5.xml:1706 sssd-ldap.5.xml:2042 sssd-ipa.5.xml:139 +#: sssd.conf.5.xml:90 sssd.conf.5.xml:870 sssd.conf.5.xml:1933 +#: sssd-ldap.5.xml:678 sssd-ldap.5.xml:1471 sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1666 sssd-ldap.5.xml:2029 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:503 sssd-krb5.5.xml:257 #: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2063 +#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2050 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" @@ -269,7 +269,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1382 +#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1342 msgid "Default: 10" msgstr "" @@ -284,7 +284,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:2017 msgid "Section parameters" msgstr "" @@ -321,19 +321,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:161 sssd.conf.5.xml:345 +#: sssd.conf.5.xml:161 sssd.conf.5.xml:370 msgid "reconnection_retries (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:164 sssd.conf.5.xml:348 +#: sssd.conf.5.xml:164 sssd.conf.5.xml:373 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:353 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:378 msgid "Default: 3" msgstr "" @@ -353,7 +353,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 sssd.conf.5.xml:1658 +#: sssd.conf.5.xml:189 sssd.conf.5.xml:1719 msgid "re_expression (string)" msgstr "" @@ -373,12 +373,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:206 sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:206 sssd.conf.5.xml:1770 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:209 sssd.conf.5.xml:1773 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -386,39 +386,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:220 sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:220 sssd.conf.5.xml:1784 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:221 sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:221 sssd.conf.5.xml:1785 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:224 sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:224 sssd.conf.5.xml:1788 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:227 sssd.conf.5.xml:1730 +#: sssd.conf.5.xml:227 sssd.conf.5.xml:1791 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:233 sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:233 sssd.conf.5.xml:1797 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:236 sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:236 sssd.conf.5.xml:1800 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:217 sssd.conf.5.xml:1781 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -516,12 +516,42 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:319 sssd-ldap.5.xml:662 sssd-ldap.5.xml:1470 -#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1564 sssd-krb5.5.xml:401 -#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214 +#: sssd.conf.5.xml:319 sssd-ldap.5.xml:649 sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1442 sssd-ldap.5.xml:1524 sssd-ad.5.xml:532 +#: sssd-ad.5.xml:597 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203 +#: include/ldap_id_mapping.xml:214 msgid "Default: not set" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:324 +msgid "override_space (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:327 +msgid "" +"This parameter will replace spaces (space bar) with the given character for " +"user and group names. e.g. (_). User name "john doe" will be " +""john_doe" This feature was added to help compatibility with shell " +"scripts that have difficulty handling spaces, due to the default field " +"separator in the shell." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:336 +msgid "" +"Please note it is a configuration error to use a replacement character that " +"might be used in user or group names. If a name contains the replacement " +"character SSSD tries to return the unmodified name but in general the result " +"of a lookup is undefined." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:344 +msgid "Default: not set (spaces will not be replaced)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:126 msgid "" @@ -534,12 +564,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:355 msgid "SERVICES SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:332 +#: sssd.conf.5.xml:357 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -548,22 +578,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:364 msgid "General service configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:341 +#: sssd.conf.5.xml:366 msgid "These options can be used to configure any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:383 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:361 +#: sssd.conf.5.xml:386 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -573,17 +603,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:370 +#: sssd.conf.5.xml:395 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:375 +#: sssd.conf.5.xml:400 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:378 +#: sssd.conf.5.xml:403 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -591,19 +621,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:385 sssd.conf.5.xml:401 sssd.conf.5.xml:415 -#: sssd.conf.5.xml:632 sssd.conf.5.xml:792 sssd.conf.5.xml:1068 -#: sssd-ldap.5.xml:1212 +#: sssd.conf.5.xml:410 sssd.conf.5.xml:426 sssd.conf.5.xml:458 +#: sssd.conf.5.xml:675 sssd.conf.5.xml:835 sssd.conf.5.xml:1111 +#: sssd-ldap.5.xml:1172 msgid "Default: 60" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:415 sssd.conf.5.xml:1100 msgid "force_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:393 sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1103 msgid "" "If a service is not responding to ping checks (see the <quote>timeout</" "quote> option), it is first sent the SIGTERM signal that instructs it to " @@ -613,53 +643,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 +#: sssd.conf.5.xml:431 msgid "offline_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:409 +#: sssd.conf.5.xml:434 +msgid "" +"When SSSD switches to offline mode the amount of time before it tries to go " +"back online will increase based upon the time spent disconnected. This " +"value is in seconds and calculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:441 +msgid "offline_timeout + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:444 +msgid "" +"The random offset can increment up to 30 seconds. After each unsuccessful " +"attempt to go online, the new interval is recalculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:449 +msgid "new_interval = old_interval*2 + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:452 msgid "" -"If SSSD is in offline mode, and last attempt to go online was less than " -"number of seconds specified in this option ago, new requests for data will " -"not result in attempt to go online." +"Note that the maximum length of each interval is currently limited to one " +"hour. If the calculated length of new_interval is greater than an hour, it " +"will be forced to one hour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:467 msgid "NSS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:426 +#: sssd.conf.5.xml:469 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:431 +#: sssd.conf.5.xml:474 msgid "enum_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:434 +#: sssd.conf.5.xml:477 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:481 msgid "Default: 120" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:443 +#: sssd.conf.5.xml:486 msgid "entry_cache_nowait_percentage (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:446 +#: sssd.conf.5.xml:489 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -667,7 +722,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:452 +#: sssd.conf.5.xml:495 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -677,7 +732,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:462 +#: sssd.conf.5.xml:505 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -686,17 +741,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:470 +#: sssd.conf.5.xml:513 msgid "Default: 50" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:518 msgid "entry_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:478 +#: sssd.conf.5.xml:521 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -704,17 +759,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:484 sssd.conf.5.xml:851 +#: sssd.conf.5.xml:527 sssd.conf.5.xml:894 msgid "Default: 15" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:489 +#: sssd.conf.5.xml:532 msgid "filter_users, filter_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:492 +#: sssd.conf.5.xml:535 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set per-" @@ -723,41 +778,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:499 +#: sssd.conf.5.xml:542 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:504 +#: sssd.conf.5.xml:547 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:507 +#: sssd.conf.5.xml:550 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:561 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:521 +#: sssd.conf.5.xml:564 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:569 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:532 +#: sssd.conf.5.xml:575 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -765,22 +820,22 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:530 include/override_homedir.xml:51 +#: sssd.conf.5.xml:573 include/override_homedir.xml:51 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:579 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:542 +#: sssd.conf.5.xml:585 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:545 +#: sssd.conf.5.xml:588 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -788,186 +843,186 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 +#: sssd.conf.5.xml:594 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:557 +#: sssd.conf.5.xml:600 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:560 +#: sssd.conf.5.xml:603 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:563 +#: sssd.conf.5.xml:606 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:567 +#: sssd.conf.5.xml:610 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:572 +#: sssd.conf.5.xml:615 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:577 +#: sssd.conf.5.xml:620 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:580 +#: sssd.conf.5.xml:623 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:627 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:589 +#: sssd.conf.5.xml:632 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:592 +#: sssd.conf.5.xml:635 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:597 +#: sssd.conf.5.xml:640 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:643 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:604 +#: sssd.conf.5.xml:647 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:652 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:655 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:618 +#: sssd.conf.5.xml:661 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:625 sssd.conf.5.xml:785 +#: sssd.conf.5.xml:668 sssd.conf.5.xml:828 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 sssd.conf.5.xml:788 +#: sssd.conf.5.xml:671 sssd.conf.5.xml:831 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:637 +#: sssd.conf.5.xml:680 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:640 +#: sssd.conf.5.xml:683 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 sssd-ldap.5.xml:702 +#: sssd.conf.5.xml:687 sssd-ldap.5.xml:692 msgid "Default: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:651 +#: sssd.conf.5.xml:694 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:653 +#: sssd.conf.5.xml:696 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:701 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:704 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 sssd.conf.5.xml:679 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:722 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:672 +#: sssd.conf.5.xml:715 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:675 +#: sssd.conf.5.xml:718 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:685 +#: sssd.conf.5.xml:728 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:688 +#: sssd.conf.5.xml:731 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:693 +#: sssd.conf.5.xml:736 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -975,59 +1030,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 sssd.conf.5.xml:752 +#: sssd.conf.5.xml:742 sssd.conf.5.xml:795 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:705 +#: sssd.conf.5.xml:748 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:751 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:713 +#: sssd.conf.5.xml:756 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:716 +#: sssd.conf.5.xml:759 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:719 +#: sssd.conf.5.xml:762 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:723 +#: sssd.conf.5.xml:766 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:769 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:730 sssd.8.xml:63 +#: sssd.conf.5.xml:773 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:735 +#: sssd.conf.5.xml:778 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:738 +#: sssd.conf.5.xml:781 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1035,7 +1090,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:744 +#: sssd.conf.5.xml:787 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1044,17 +1099,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:758 +#: sssd.conf.5.xml:801 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:761 sssd.conf.5.xml:1235 +#: sssd.conf.5.xml:804 sssd.conf.5.xml:1292 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:807 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1062,31 +1117,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 sssd.conf.5.xml:1238 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1295 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:818 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 sssd.8.xml:79 +#: sssd.conf.5.xml:823 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:800 +#: sssd.conf.5.xml:843 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:845 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1097,34 +1152,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:862 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:822 +#: sssd.conf.5.xml:865 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:878 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:880 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:884 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:887 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1132,51 +1187,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:903 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:862 +#: sssd.conf.5.xml:905 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:866 +#: sssd.conf.5.xml:909 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:869 +#: sssd.conf.5.xml:912 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:921 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:881 +#: sssd.conf.5.xml:924 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:928 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:893 +#: sssd.conf.5.xml:936 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:938 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1188,7 +1243,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:904 +#: sssd.conf.5.xml:947 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1199,24 +1254,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:955 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:961 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:922 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:965 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:968 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1224,12 +1279,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:974 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:978 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1238,24 +1293,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:949 +#: sssd.conf.5.xml:992 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:999 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:1002 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 +#: sssd.conf.5.xml:1007 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1264,47 +1319,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1014 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:1018 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:981 +#: sssd.conf.5.xml:1024 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:984 +#: sssd.conf.5.xml:1027 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:988 +#: sssd.conf.5.xml:1031 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 +#: sssd.conf.5.xml:1034 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 sssd.conf.5.xml:1212 sssd.conf.5.xml:1321 -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1037 sssd.conf.5.xml:1269 sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1395 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1040 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1316,14 +1371,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1053 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1015 +#: sssd.conf.5.xml:1058 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1332,39 +1387,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1023 +#: sssd.conf.5.xml:1066 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1074 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1081 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1082 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1085 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1086 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1077 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -1373,24 +1428,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd-ldap.5.xml:1765 +#: sssd.conf.5.xml:1094 sssd-ldap.5.xml:1725 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1117 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1077 +#: sssd.conf.5.xml:1120 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1124 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -1401,137 +1456,150 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1094 +#: sssd.conf.5.xml:1137 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1100 +#: sssd.conf.5.xml:1143 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1103 +#: sssd.conf.5.xml:1146 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 sssd.conf.5.xml:1120 sssd.conf.5.xml:1133 -#: sssd.conf.5.xml:1146 sssd.conf.5.xml:1159 sssd.conf.5.xml:1173 +#: sssd.conf.5.xml:1150 sssd.conf.5.xml:1163 sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1202 sssd.conf.5.xml:1216 +#: sssd.conf.5.xml:1230 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1156 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1116 +#: sssd.conf.5.xml:1159 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1169 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1172 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1182 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1142 +#: sssd.conf.5.xml:1185 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1195 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1198 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1208 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1211 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1222 +msgid "entry_cache_ssh_host_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1225 +msgid "" +"How many seconds to keep a host ssh key after refresh. IE how long to cache " +"the host key for." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1236 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1239 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1187 +#: sssd.conf.5.xml:1244 msgid "Currently only refreshing expired netgroups is supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1248 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1195 sssd-ipa.5.xml:221 +#: sssd.conf.5.xml:1252 sssd-ipa.5.xml:221 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1201 +#: sssd.conf.5.xml:1258 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1261 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1208 +#: sssd.conf.5.xml:1265 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1217 +#: sssd.conf.5.xml:1274 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1220 +#: sssd.conf.5.xml:1277 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1540,17 +1608,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1284 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1232 +#: sssd.conf.5.xml:1289 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1243 +#: sssd.conf.5.xml:1300 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1559,33 +1627,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1307 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1256 +#: sssd.conf.5.xml:1313 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1259 +#: sssd.conf.5.xml:1316 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1320 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:1441 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 +#: sssd.conf.5.xml:1327 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1593,8 +1661,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 sssd.conf.5.xml:1364 sssd.conf.5.xml:1415 -#: sssd.conf.5.xml:1468 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1421 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1529 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1603,8 +1671,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1373 sssd.conf.5.xml:1424 -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1344 sssd.conf.5.xml:1430 sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1538 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1612,19 +1680,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1355 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1301 +#: sssd.conf.5.xml:1358 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1363 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1633,7 +1701,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1371 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -1641,17 +1709,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1326 +#: sssd.conf.5.xml:1383 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1329 +#: sssd.conf.5.xml:1386 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1332 +#: sssd.conf.5.xml:1389 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -1659,19 +1727,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1343 +#: sssd.conf.5.xml:1400 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1346 +#: sssd.conf.5.xml:1403 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1469 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1679,7 +1747,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1414 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1687,30 +1755,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1438 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1445 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1387 +#: sssd.conf.5.xml:1448 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1393 +#: sssd.conf.5.xml:1454 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1396 +#: sssd.conf.5.xml:1457 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1718,19 +1786,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1463 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1466 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1493 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1739,24 +1807,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1439 +#: sssd.conf.5.xml:1500 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1444 +#: sssd.conf.5.xml:1505 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1508 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1452 +#: sssd.conf.5.xml:1513 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1764,7 +1832,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1521 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1772,35 +1840,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1546 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1550 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1553 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1560 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1563 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1506 +#: sssd.conf.5.xml:1567 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1808,32 +1876,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1514 +#: sssd.conf.5.xml:1575 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1579 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1522 +#: sssd.conf.5.xml:1583 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1525 sssd.conf.5.xml:1594 sssd.conf.5.xml:1626 -#: sssd.conf.5.xml:1651 +#: sssd.conf.5.xml:1586 sssd.conf.5.xml:1655 sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1712 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1590 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -1844,12 +1912,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1607 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1610 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -1857,7 +1925,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1555 +#: sssd.conf.5.xml:1616 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1865,31 +1933,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1624 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1566 +#: sssd.conf.5.xml:1627 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1633 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1636 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1581 +#: sssd.conf.5.xml:1642 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1897,23 +1965,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1651 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 +#: sssd.conf.5.xml:1662 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 +#: sssd.conf.5.xml:1665 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1669 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1921,7 +1989,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1615 +#: sssd.conf.5.xml:1676 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1929,24 +1997,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 +#: sssd.conf.5.xml:1684 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1694 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1697 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1640 +#: sssd.conf.5.xml:1701 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1954,12 +2022,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1709 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 +#: sssd.conf.5.xml:1722 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -1969,7 +2037,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1731 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -1978,29 +2046,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1736 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1739 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1681 +#: sssd.conf.5.xml:1742 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1745 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1750 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -2008,7 +2076,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1695 +#: sssd.conf.5.xml:1756 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -2016,66 +2084,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1763 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1749 +#: sssd.conf.5.xml:1810 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1816 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1819 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1762 +#: sssd.conf.5.xml:1823 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1826 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1829 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1832 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1835 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1838 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1844 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1847 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -2083,62 +2151,95 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1792 sssd-ldap.5.xml:1196 sssd-ldap.5.xml:1238 -#: sssd-ldap.5.xml:1253 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1853 sssd-ldap.5.xml:1156 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1213 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1859 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1801 +#: sssd.conf.5.xml:1862 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1866 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1811 +#: sssd.conf.5.xml:1872 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1875 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1820 -msgid "case_sensitive (boolean)" +#: sssd.conf.5.xml:1881 +msgid "case_sensitive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1889 +msgid "True" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1892 +msgid "Case sensitive. This value is invalid for AD provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1898 +msgid "False" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1900 +msgid "Case insensitive." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1904 +msgid "Preserving" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1907 +msgid "" +"Same as False (case insensitive), but does not lowercase names in the output " +"of getpwnam and getgrnam." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1884 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." +"not supported in the local provider. Possible option values are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1828 sssd-ldap.5.xml:1020 sssd-ad.5.xml:397 -msgid "Default: True" +#: sssd.conf.5.xml:1916 +msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1922 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 +#: sssd.conf.5.xml:1925 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -2147,22 +2248,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1851 +#: sssd.conf.5.xml:1939 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1950 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1951 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1854 +#: sssd.conf.5.xml:1942 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -2172,29 +2273,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1956 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1960 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1877 +#: sssd.conf.5.xml:1965 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1880 +#: sssd.conf.5.xml:1968 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:994 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2202,29 +2303,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1893 +#: sssd.conf.5.xml:1981 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1896 +#: sssd.conf.5.xml:1984 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1899 +#: sssd.conf.5.xml:1987 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1995 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1998 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2232,19 +2333,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1977 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1922 +#: sssd.conf.5.xml:2010 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:2012 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2252,73 +2353,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1931 +#: sssd.conf.5.xml:2019 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:2022 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1938 +#: sssd.conf.5.xml:2026 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1943 +#: sssd.conf.5.xml:2031 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2034 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:2039 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1956 +#: sssd.conf.5.xml:2044 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2047 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1963 sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2051 sssd.conf.5.xml:2063 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1968 +#: sssd.conf.5.xml:2056 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:2059 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1980 +#: sssd.conf.5.xml:2068 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1983 +#: sssd.conf.5.xml:2071 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2326,17 +2427,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:2079 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:2084 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1999 +#: sssd.conf.5.xml:2087 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2345,17 +2446,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2009 +#: sssd.conf.5.xml:2097 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2102 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2105 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2363,17 +2464,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2112 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2117 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2032 +#: sssd.conf.5.xml:2120 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2381,18 +2482,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2126 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2048 sssd-ldap.5.xml:2489 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:552 sssd-ad.5.xml:447 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:2136 sssd-ldap.5.xml:2476 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:552 sssd-ad.5.xml:792 sssd-krb5.5.xml:519 +#: sss_rpcidmapd.5.xml:98 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2142 #, no-wrap msgid "" "[sssd]\n" @@ -2422,7 +2524,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2050 +#: sssd.conf.5.xml:2138 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2568,7 +2670,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:645 sssd-ad.5.xml:212 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:632 sssd-ad.5.xml:212 msgid "Examples:" msgstr "" @@ -2768,7 +2870,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:830 msgid "Default: gidNumber" msgstr "" @@ -2819,60 +2921,45 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:341 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:344 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:866 sssd-ldap.5.xml:1103 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:354 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:344 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:880 +#: sssd-ldap.5.xml:349 sssd-ldap.5.xml:857 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:369 +#: sssd-ldap.5.xml:356 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:890 sssd-ldap.5.xml:1112 +#: sssd-ldap.5.xml:359 sssd-ldap.5.xml:867 sssd-ldap.5.xml:1072 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:894 sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:363 sssd-ldap.5.xml:871 sssd-ldap.5.xml:1079 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:382 +#: sssd-ldap.5.xml:369 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:385 +#: sssd-ldap.5.xml:372 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2881,17 +2968,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:382 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:401 +#: sssd-ldap.5.xml:388 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:391 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2900,17 +2987,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:413 +#: sssd-ldap.5.xml:400 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:419 +#: sssd-ldap.5.xml:406 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:422 +#: sssd-ldap.5.xml:409 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2919,17 +3006,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 +#: sssd-ldap.5.xml:418 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 +#: sssd-ldap.5.xml:424 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 +#: sssd-ldap.5.xml:427 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2938,17 +3025,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 +#: sssd-ldap.5.xml:437 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 +#: sssd-ldap.5.xml:443 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 +#: sssd-ldap.5.xml:446 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2957,17 +3044,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:469 +#: sssd-ldap.5.xml:456 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:475 +#: sssd-ldap.5.xml:462 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:478 +#: sssd-ldap.5.xml:465 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -2976,17 +3063,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:488 +#: sssd-ldap.5.xml:475 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:494 +#: sssd-ldap.5.xml:481 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:497 +#: sssd-ldap.5.xml:484 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -2994,155 +3081,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 +#: sssd-ldap.5.xml:490 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:509 +#: sssd-ldap.5.xml:496 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:512 +#: sssd-ldap.5.xml:499 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:518 +#: sssd-ldap.5.xml:505 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:524 +#: sssd-ldap.5.xml:511 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:519 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:538 +#: sssd-ldap.5.xml:525 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:528 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:546 +#: sssd-ldap.5.xml:533 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:552 +#: sssd-ldap.5.xml:539 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:542 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:547 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:553 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:556 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:573 sssd-ldap.5.xml:587 +#: sssd-ldap.5.xml:560 sssd-ldap.5.xml:574 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:579 +#: sssd-ldap.5.xml:566 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:582 +#: sssd-ldap.5.xml:569 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:593 +#: sssd-ldap.5.xml:580 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:583 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:601 +#: sssd-ldap.5.xml:588 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:607 +#: sssd-ldap.5.xml:594 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:597 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:614 +#: sssd-ldap.5.xml:601 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:620 +#: sssd-ldap.5.xml:607 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:623 +#: sssd-ldap.5.xml:610 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:628 +#: sssd-ldap.5.xml:615 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -3152,7 +3239,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:625 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -3160,46 +3247,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 +#: sssd-ldap.5.xml:635 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:638 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:642 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:645 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:655 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:671 +#: sssd-ldap.5.xml:658 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:662 +msgid "Default: sshPublicKey" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:668 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:671 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -3208,24 +3300,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:694 +#: sssd-ldap.5.xml:684 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 +#: sssd-ldap.5.xml:687 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:698 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 +#: sssd-ldap.5.xml:701 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -3233,53 +3325,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:707 msgid "Setting this option to zero will disable the cache cleanup operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:721 -msgid "Default: 10800 (12 hours)" +#: sssd-ldap.5.xml:711 +msgid "Default: 10800 (3 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:727 +#: sssd-ldap.5.xml:717 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:730 +#: sssd-ldap.5.xml:720 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 sssd-ldap.5.xml:827 sssd-ldap.5.xml:1053 -#: sssd-ldap.5.xml:1144 sssd-ldap.5.xml:2084 sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:724 sssd-ldap.5.xml:817 sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1104 sssd-ldap.5.xml:2071 sssd-ldap.5.xml:2410 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:730 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:743 +#: sssd-ldap.5.xml:733 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:737 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:753 +#: sssd-ldap.5.xml:743 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:756 +#: sssd-ldap.5.xml:746 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -3287,14 +3379,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:763 +#: sssd-ldap.5.xml:753 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:758 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -3302,17 +3394,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:765 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:771 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:784 +#: sssd-ldap.5.xml:774 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -3320,14 +3412,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:790 +#: sssd-ldap.5.xml:780 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:785 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -3335,101 +3427,91 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:802 +#: sssd-ldap.5.xml:792 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:798 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 +#: sssd-ldap.5.xml:801 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:804 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:810 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:823 +#: sssd-ldap.5.xml:813 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:823 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:826 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:846 +#: sssd-ldap.5.xml:836 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:849 +#: sssd-ldap.5.xml:839 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:843 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:872 +#: sssd-ldap.5.xml:849 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:875 +#: sssd-ldap.5.xml:852 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:864 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:877 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:880 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:885 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -3437,17 +3519,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:914 +#: sssd-ldap.5.xml:891 msgid "Default: groupType in the AD provider, othewise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:921 +#: sssd-ldap.5.xml:898 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:924 +#: sssd-ldap.5.xml:901 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -3455,7 +3537,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:908 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -3465,7 +3547,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:940 +#: sssd-ldap.5.xml:917 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later it " @@ -3474,17 +3556,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:947 +#: sssd-ldap.5.xml:924 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:930 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:933 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3492,14 +3574,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:939 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 sssd-ldap.5.xml:994 +#: sssd-ldap.5.xml:944 sssd-ldap.5.xml:971 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3507,7 +3589,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:950 sssd-ldap.5.xml:977 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -3516,18 +3598,18 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 sssd-ldap.5.xml:1006 sssd-ldap.5.xml:1311 -#: sssd-ldap.5.xml:1332 sssd-ldap.5.xml:1838 include/ldap_id_mapping.xml:242 +#: sssd-ldap.5.xml:956 sssd-ldap.5.xml:983 sssd-ldap.5.xml:1271 +#: sssd-ldap.5.xml:1292 sssd-ldap.5.xml:1798 include/ldap_id_mapping.xml:242 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:985 +#: sssd-ldap.5.xml:962 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:988 +#: sssd-ldap.5.xml:965 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3535,184 +3617,173 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:989 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1015 +#: sssd-ldap.5.xml:992 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:997 sssd-ad.5.xml:742 sss_rpcidmapd.5.xml:76 +msgid "Default: True" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1003 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1006 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1009 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1013 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1019 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1045 +#: sssd-ldap.5.xml:1022 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1049 +#: sssd-ldap.5.xml:1026 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1059 +#: sssd-ldap.5.xml:1036 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1039 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 +#: sssd-ldap.5.xml:1043 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1047 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1053 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1056 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1116 +#: sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1076 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1086 +#: sssd-ldap.5.xml:1063 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1092 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1095 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1099 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1109 +#: sssd-ldap.5.xml:1069 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1088 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1091 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1097 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1100 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1110 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1113 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1117 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1123 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1166 +#: sssd-ldap.5.xml:1126 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1130 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1176 +#: sssd-ldap.5.xml:1136 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1141 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -3720,7 +3791,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1190 +#: sssd-ldap.5.xml:1150 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -3728,12 +3799,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1162 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1205 +#: sssd-ldap.5.xml:1165 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -3741,12 +3812,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1178 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1181 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -3757,12 +3828,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1204 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:1207 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -3770,12 +3841,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1219 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1262 +#: sssd-ldap.5.xml:1222 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -3784,34 +3855,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:1230 sssd-ldap.5.xml:2228 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1236 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1239 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1244 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1250 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1293 +#: sssd-ldap.5.xml:1253 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -3819,14 +3890,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1259 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1265 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -3834,17 +3905,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1277 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1280 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1323 +#: sssd-ldap.5.xml:1283 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -3854,12 +3925,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1298 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1301 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -3867,17 +3938,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1307 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1314 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1317 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -3885,13 +3956,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1323 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1327 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -3900,7 +3971,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1335 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -3908,26 +3979,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1348 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 +#: sssd-ldap.5.xml:1351 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1397 +#: sssd-ldap.5.xml:1357 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1361 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3935,7 +4006,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1368 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3943,7 +4014,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1374 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -3951,41 +4022,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1380 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1424 +#: sssd-ldap.5.xml:1384 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1390 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1393 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1438 sssd-ldap.5.xml:1456 sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1398 sssd-ldap.5.xml:1416 sssd-ldap.5.xml:1457 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1445 +#: sssd-ldap.5.xml:1405 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1408 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -3994,32 +4065,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1463 +#: sssd-ldap.5.xml:1423 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1466 +#: sssd-ldap.5.xml:1426 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1436 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1439 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1448 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1451 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -4027,24 +4098,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1504 +#: sssd-ldap.5.xml:1464 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1477 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1480 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -4052,17 +4123,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1486 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1496 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1499 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -4073,29 +4144,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1511 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1517 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1530 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1533 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -4104,17 +4175,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1541 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1547 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1590 +#: sssd-ldap.5.xml:1550 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -4122,49 +4193,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1556 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1562 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1565 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1570 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1576 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1619 +#: sssd-ldap.5.xml:1579 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1622 +#: sssd-ldap.5.xml:1582 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1628 +#: sssd-ldap.5.xml:1588 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1631 +#: sssd-ldap.5.xml:1591 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -4172,27 +4243,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1643 +#: sssd-ldap.5.xml:1603 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1606 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 sssd-ad.5.xml:383 +#: sssd-ldap.5.xml:1610 sssd-ad.5.xml:728 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 +#: sssd-ldap.5.xml:1619 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4204,7 +4275,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1671 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1631 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4212,7 +4283,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1636 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4220,39 +4291,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1645 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1688 +#: sssd-ldap.5.xml:1648 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1651 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1697 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1657 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1660 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1712 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1672 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1715 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1675 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4262,7 +4333,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1726 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1686 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4270,26 +4341,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1740 +#: sssd-ldap.5.xml:1700 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1703 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1708 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1753 +#: sssd-ldap.5.xml:1713 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4297,7 +4368,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1759 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4305,31 +4376,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1768 +#: sssd-ldap.5.xml:1728 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1736 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1739 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1743 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1788 +#: sssd-ldap.5.xml:1748 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4338,56 +4409,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1762 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 +#: sssd-ldap.5.xml:1765 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1809 +#: sssd-ldap.5.xml:1769 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1775 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1778 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1823 +#: sssd-ldap.5.xml:1783 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1789 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1792 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1804 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1847 +#: sssd-ldap.5.xml:1807 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4403,12 +4474,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1867 +#: sssd-ldap.5.xml:1827 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1870 +#: sssd-ldap.5.xml:1830 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4417,14 +4488,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1874 +#: sssd-ldap.5.xml:1834 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1839 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4433,24 +4504,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1887 sssd-ldap.5.xml:1944 +#: sssd-ldap.5.xml:1847 sssd-ldap.5.xml:1904 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1853 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1856 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:1860 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4458,19 +4529,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1907 +#: sssd-ldap.5.xml:1867 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1910 +#: sssd-ldap.5.xml:1870 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1875 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4479,7 +4550,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1922 +#: sssd-ldap.5.xml:1882 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4487,7 +4558,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1928 +#: sssd-ldap.5.xml:1888 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4496,7 +4567,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1897 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -4504,108 +4575,140 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1910 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1953 +#: sssd-ldap.5.xml:1913 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1917 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:1920 +msgid "" +"<emphasis>lockout</emphasis>: use account locking. If set, this option " +"denies access in case that ldap attribute 'pwdAccountLockedTime' is present " +"and has value of '000001010000Z'. Please see the option ldap_pwdlockout_dn." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1927 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1931 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1969 +#: sssd-ldap.5.xml:1936 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:1940 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1943 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1983 +#: sssd-ldap.5.xml:1950 +msgid "ldap_pwdlockout_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1953 +msgid "" +"This option specifies the DN of password policy entry on LDAP server. Please " +"note that absence of this option in sssd.conf in case of enabled account " +"lockout checking will yield access denied as ppolicy attributes on LDAP " +"server cannot be checked properly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1961 +msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1964 +msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1970 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:1973 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:1978 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:1982 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:1987 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2005 +#: sssd-ldap.5.xml:1992 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2010 +#: sssd-ldap.5.xml:1997 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2018 +#: sssd-ldap.5.xml:2005 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2008 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2012 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -4616,7 +4719,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2036 +#: sssd-ldap.5.xml:2023 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -4634,12 +4737,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2052 +#: sssd-ldap.5.xml:2039 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2054 +#: sssd-ldap.5.xml:2041 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -4647,208 +4750,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2052 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2055 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2071 +#: sssd-ldap.5.xml:2058 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2064 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2067 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2090 +#: sssd-ldap.5.xml:2077 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2080 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2097 +#: sssd-ldap.5.xml:2084 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2103 +#: sssd-ldap.5.xml:2090 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2093 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2111 +#: sssd-ldap.5.xml:2098 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2117 +#: sssd-ldap.5.xml:2104 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2120 +#: sssd-ldap.5.xml:2107 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2111 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2130 +#: sssd-ldap.5.xml:2117 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2133 +#: sssd-ldap.5.xml:2120 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2137 +#: sssd-ldap.5.xml:2124 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2143 +#: sssd-ldap.5.xml:2130 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2146 +#: sssd-ldap.5.xml:2133 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2150 +#: sssd-ldap.5.xml:2137 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2143 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2146 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2150 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2156 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2159 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2176 +#: sssd-ldap.5.xml:2163 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2182 +#: sssd-ldap.5.xml:2169 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2172 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2177 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2183 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2199 +#: sssd-ldap.5.xml:2186 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2203 +#: sssd-ldap.5.xml:2190 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:2196 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2199 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2204 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2209 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2215 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2218 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4856,101 +4959,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2237 +#: sssd-ldap.5.xml:2224 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2234 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2237 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2248 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2264 +#: sssd-ldap.5.xml:2251 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2256 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2315 -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2261 sssd-ldap.5.xml:2284 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2320 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2279 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2266 sssd-ldap.5.xml:2289 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2272 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2288 +#: sssd-ldap.5.xml:2275 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2293 +#: sssd-ldap.5.xml:2280 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2295 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2311 +#: sssd-ldap.5.xml:2298 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2326 +#: sssd-ldap.5.xml:2313 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2316 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2345 +#: sssd-ldap.5.xml:2332 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4959,91 +5062,91 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2342 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2344 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2350 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2366 +#: sssd-ldap.5.xml:2353 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2369 +#: sssd-ldap.5.xml:2356 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2376 +#: sssd-ldap.5.xml:2363 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2379 sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2392 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2369 sssd-ldap.5.xml:2396 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2376 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2379 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2382 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2402 +#: sssd-ldap.5.xml:2389 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2416 +#: sssd-ldap.5.xml:2403 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2419 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:2406 sssd-ldap.5.xml:2420 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2430 +#: sssd-ldap.5.xml:2417 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2437 +#: sssd-ldap.5.xml:2424 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2348 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -5052,37 +5155,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2434 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2441 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2459 +#: sssd-ldap.5.xml:2446 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2451 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2469 +#: sssd-ldap.5.xml:2456 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2461 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2449 +#: sssd-ldap.5.xml:2436 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -5090,7 +5193,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2491 +#: sssd-ldap.5.xml:2478 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -5098,7 +5201,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2484 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -5111,20 +5214,20 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2496 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 -#: sssd-ad.5.xml:455 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2483 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 +#: sssd-ad.5.xml:800 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2509 sssd_krb5_locator_plugin.8.xml:61 -#: sssd-simple.5.xml:148 sssd-ad.5.xml:470 sssd.8.xml:191 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2496 sssd_krb5_locator_plugin.8.xml:61 +#: sssd-simple.5.xml:148 sssd-ad.5.xml:815 sssd.8.xml:195 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2498 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5606,7 +5709,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:320 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:665 msgid "dyndns_update (boolean)" msgstr "" @@ -5621,7 +5724,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:334 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:679 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -5636,12 +5739,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:345 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:690 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:348 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:693 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -5662,12 +5765,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:359 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:704 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:362 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:707 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -5709,12 +5812,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:373 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:718 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:376 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:721 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -5722,12 +5825,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:389 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:734 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:392 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:737 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -5746,19 +5849,19 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:403 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:748 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:406 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:751 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:410 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:755 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -5852,7 +5955,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:359 sssd-ad.5.xml:776 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -5939,7 +6042,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 sssd-ad.5.xml:330 msgid "Default: 5 (seconds)" msgstr "" @@ -6393,9 +6496,372 @@ msgstr "" msgid "Default: permissive" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:320 +msgid "ad_gpo_cache_timeout (integer)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:323 msgid "" +"The amount of time between lookups of GPO policy files against the AD " +"server. This will reduce the latency and load on the AD server if there are " +"many access-control requests made in a short period." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:336 +msgid "ad_gpo_map_interactive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:339 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the InteractiveLogonRight and " +"DenyInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:354 +#, no-wrap +msgid "" +" ad_gpo_map_interactive = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:345 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>login</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:358 sssd-ad.5.xml:423 sssd-ad.5.xml:458 sssd-ad.5.xml:498 +#: sssd-ad.5.xml:559 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:362 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:367 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:372 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:377 +msgid "gdm-fingerprint" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:382 +msgid "gdm-password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:387 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:392 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:401 +msgid "ad_gpo_map_remote_interactive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:404 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the RemoteInteractiveLogonRight and " +"DenyRemoteInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:419 +#, no-wrap +msgid "" +" ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:410 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>sshd</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:427 +msgid "sshd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:436 +msgid "ad_gpo_map_network (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:439 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the NetworkLogonRight and " +"DenyNetworkLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:454 +#, no-wrap +msgid "" +" ad_gpo_map_network = +my_pam_service, -ftp\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>ftp</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:462 +msgid "ftp" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:467 +msgid "samba" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:476 +msgid "ad_gpo_map_batch (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:479 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " +"policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:494 +#, no-wrap +msgid "" +" ad_gpo_map_batch = +my_pam_service, -crond\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:485 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>crond</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:502 +msgid "crond" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:511 +msgid "ad_gpo_map_service (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:514 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the ServiceLogonRight and " +"DenyServiceLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:528 +#, no-wrap +msgid "" +" ad_gpo_map_service = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:520 sssd-ad.5.xml:585 +msgid "" +"It is possible to add a PAM service name to the default set by using <quote>" +"+service_name</quote>. Since the default set is empty, it is not possible " +"to remove a PAM service name from the default set. For example, in order to " +"add a custom pam service name (e.g. <quote>my_pam_service</quote>), you " +"would use the following configuration: <placeholder type=\"programlisting\" " +"id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:538 +msgid "ad_gpo_map_permit (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:541 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always granted, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:555 +#, no-wrap +msgid "" +" ad_gpo_map_permit = +my_pam_service, -sudo\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:546 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for unconditionally permitted " +"access (e.g. <quote>sudo</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:563 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:568 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:577 +msgid "ad_gpo_map_deny (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:580 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always denied, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:593 +#, no-wrap +msgid "" +" ad_gpo_map_deny = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:603 +msgid "ad_gpo_default_right (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:606 +msgid "" +"This option defines how access control is evaluated for PAM service names " +"that are not explicitly listed in one of the ad_gpo_map_* options. This " +"option can be set in two different manners. First, this option can be set to " +"use a default logon right. For example, if this option is set to " +"'interactive', it means that unmapped PAM service names will be processed " +"based on the InteractiveLogonRight and DenyInteractiveLogonRight policy " +"settings. Alternatively, this option can be set to either always permit or " +"always deny access for unmapped PAM service names." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:619 +msgid "Supported values for this option include:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:623 +msgid "interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:628 +msgid "remote_interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:633 +msgid "network" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:638 +msgid "batch" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:643 +msgid "service" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:648 +msgid "permit" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:653 +msgid "deny" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:659 +msgid "Default: deny" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:668 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -6405,29 +6871,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:353 +#: sssd-ad.5.xml:698 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:712 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:419 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:764 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:422 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:767 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:449 +#: sssd-ad.5.xml:794 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6435,7 +6901,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:456 +#: sssd-ad.5.xml:801 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -6450,7 +6916,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:476 +#: sssd-ad.5.xml:821 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6459,7 +6925,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:817 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -6467,10 +6933,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:482 +#: sssd-ad.5.xml:827 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " -"configured, the default access provider is <quote>permit</quote>." +"configured, the default access provider is <quote>permit</quote>. Please " +"note that if you configure an access provider other than <quote>ad</quote>, " +"you need to set all the connection parameters (such as LDAP URIs and " +"encryption details) manually." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> @@ -6846,24 +7315,27 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." +"Tells the SSSD to simulate offline operation for the duration of the " +"<quote>offline_timeout</quote> parameter. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 +#: sssd.8.xml:182 msgid "SIGUSR2" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 +#: sssd.8.xml:185 msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." +"Tells the SSSD to go online immediately. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 +#: sssd.8.xml:197 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -8031,12 +8503,36 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:162 msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"<option>-h</option>,<option>--ssh-host</option> <replaceable>hostname</" "replaceable>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:167 +msgid "Invalidate SSH public keys of a specific host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:173 +msgid "<option>-H</option>,<option>--ssh-hosts</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:177 +msgid "" +"Invalidate SSH public keys of all hosts. This option overrides invalidation " +"of SSH public keys of specific host if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:185 +msgid "" +"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:190 msgid "Restrict invalidation process only to a particular domain." msgstr "" @@ -8333,6 +8829,143 @@ msgstr "" msgid "Default: not set. Only the default set of POSIX attributes is allowed." msgstr "" +#. type: Content of: <reference><refentry><refentryinfo> +#: sss_rpcidmapd.5.xml:8 +msgid "" +"<productname>sss rpc.idmapd plugin</productname> <author> <firstname>Noam</" +"firstname> <surname>Meltzer</surname> <affiliation> <orgname>Primary Data " +"Inc.</orgname> </affiliation> <contrib>Developer (2013-2014)</contrib> </" +"author> <author> <firstname>Noam</firstname> <surname>Meltzer</surname> " +"<contrib>Developer (2014-)</contrib> <email>tsnoam@gmail.com</email> </" +"author>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_rpcidmapd.5.xml:26 sss_rpcidmapd.5.xml:32 +msgid "sss_rpcidmapd" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_rpcidmapd.5.xml:33 +msgid "sss plugin configuration directives for rpc.idmapd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:37 +msgid "CONFIGURATION FILE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:39 +msgid "" +"rpc.idmapd configuration file is usually found at <emphasis>/etc/idmapd." +"conf</emphasis>. See <citerefentry> <refentrytitle>idmapd.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more information." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:49 +msgid "SSS CONFIGURATION EXTENSION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:51 +msgid "Enable SSS plugin" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:53 +msgid "" +"In section <quote>[Translation]</quote>, modify/set <quote>Method</quote> " +"attribute to contain <emphasis>sss</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:59 +msgid "[sss] config section" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:61 +msgid "" +"In order to change the default of one of the configuration attributes of the " +"<emphasis>sss</emphasis> plugin listed below you will need to create a " +"config section for it, named <quote>[sss]</quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> +#: sss_rpcidmapd.5.xml:67 +msgid "Configuration attributes" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sss_rpcidmapd.5.xml:69 +msgid "memcache (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sss_rpcidmapd.5.xml:72 +msgid "Indicates whether or not to use memcache optimisation technique." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:85 +msgid "SSSD INTEGRATION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:87 +msgid "" +"The sss plugin requires the <emphasis>NSS Responder</emphasis> to be enabled " +"in sssd." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:91 +msgid "" +"The attribute <quote>use_fully_qualified_names</quote> must be enabled on " +"all domains (NFSv4 clients expect a fully qualified name to be sent on the " +"wire)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_rpcidmapd.5.xml:103 +#, no-wrap +msgid "" +"[General]\n" +"Verbosity = 2\n" +"# domain must be synced between NFSv4 server and clients\n" +"# Solaris/Illumos/AIX use \"localdomain\" as default!\n" +"Domain = default\n" +"\n" +"[Mapping]\n" +"Nobody-User = nfsnobody\n" +"Nobody-Group = nfsnobody\n" +"\n" +"[Translation]\n" +"Method = sss\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:100 +msgid "" +"The following example shows a minimal idmapd.conf which makes use of the sss " +"plugin. <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <refsect1><title> +#: sss_rpcidmapd.5.xml:120 include/seealso.xml:2 +msgid "SEE ALSO" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:122 +msgid "" +"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>idmapd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>" +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 msgid "sss_ssh_authorizedkeys" @@ -9163,11 +9796,6 @@ msgid "" "local LDB storage to store users and groups." msgstr "" -#. type: Content of: <refsect1><title> -#: include/seealso.xml:2 -msgid "SEE ALSO" -msgstr "" - #. type: Content of: <refsect1><para> #: include/seealso.xml:4 msgid "" @@ -9208,7 +9836,9 @@ msgid "" "manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> " "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>. <citerefentry> " +"<refentrytitle>sss_rpcidmapd</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>" msgstr "" #. type: Content of: <listitem><para> diff --git a/src/man/po/fr.po b/src/man/po/fr.po index 51a1f9e63..e149705f5 100644 --- a/src/man/po/fr.po +++ b/src/man/po/fr.po @@ -13,7 +13,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2014-07-09 19:18+0300\n" +"POT-Creation-Date: 2014-09-08 20:55+0300\n" "PO-Revision-Date: 2014-07-08 11:31+0000\n" "Last-Translator: Jérôme Fenal <jfenal@gmail.com>\n" "Language-Team: French (http://www.transifex.com/projects/p/sssd/language/" @@ -31,8 +31,8 @@ msgstr "" #: sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 #: sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 #: sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5 -#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_ssh_authorizedkeys.1.xml:5 -#: sss_ssh_knownhostsproxy.1.xml:5 +#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_rpcidmapd.5.xml:5 +#: sss_ssh_authorizedkeys.1.xml:5 sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" msgstr "Pages de manuel de SSSD" @@ -142,14 +142,14 @@ msgstr "sssd.conf" #. type: Content of: <reference><refentry><refmeta><manvolnum> #: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 #: sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11 -#: sssd-ifp.5.xml:11 +#: sssd-ifp.5.xml:11 sss_rpcidmapd.5.xml:27 msgid "5" msgstr "5" #. type: Content of: <reference><refentry><refmeta><refmiscinfo> #: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 #: sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12 -#: sssd-ifp.5.xml:12 +#: sssd-ifp.5.xml:12 sss_rpcidmapd.5.xml:28 msgid "File Formats and Conventions" msgstr "Formats de fichier et conventions" @@ -263,11 +263,11 @@ msgid "Add a timestamp to the debug messages" msgstr "Ajoute un horodatage aux messages de débogage" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:79 sssd.conf.5.xml:511 sssd.conf.5.xml:873 -#: sssd-ldap.5.xml:1637 sssd-ldap.5.xml:1734 sssd-ldap.5.xml:1796 -#: sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2320 sssd-ldap.5.xml:2338 +#: sssd.conf.5.xml:79 sssd.conf.5.xml:554 sssd.conf.5.xml:916 +#: sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1756 +#: sssd-ldap.5.xml:2242 sssd-ldap.5.xml:2307 sssd-ldap.5.xml:2325 #: sssd-ipa.5.xml:356 sssd-ipa.5.xml:391 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:339 sssd-ad.5.xml:428 sssd-krb5.5.xml:490 +#: sssd-ad.5.xml:684 sssd-ad.5.xml:773 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "Par défaut : true" @@ -282,16 +282,16 @@ msgid "Add microseconds to the timestamp in debug messages" msgstr "Ajouter les microsecondes à l'horodatage dans les messages de débogage" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:90 sssd.conf.5.xml:827 sssd.conf.5.xml:1845 -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:1511 sssd-ldap.5.xml:1530 -#: sssd-ldap.5.xml:1706 sssd-ldap.5.xml:2042 sssd-ipa.5.xml:139 +#: sssd.conf.5.xml:90 sssd.conf.5.xml:870 sssd.conf.5.xml:1933 +#: sssd-ldap.5.xml:678 sssd-ldap.5.xml:1471 sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1666 sssd-ldap.5.xml:2029 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:503 sssd-krb5.5.xml:257 #: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" msgstr "Par défaut : false" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2063 +#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2050 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -315,7 +315,7 @@ msgstr "" "s'assurer que le processus est toujours actif et capable de répondre." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1382 +#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1342 msgid "Default: 10" msgstr "Par défaut : 10" @@ -330,7 +330,7 @@ msgid "The [sssd] section" msgstr "La section [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:2017 msgid "Section parameters" msgstr "Paramètres de sections" @@ -375,12 +375,12 @@ msgstr "" "\">, pac</phrase> <phrase condition=\"with_ifp\">, ifp</phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:161 sssd.conf.5.xml:345 +#: sssd.conf.5.xml:161 sssd.conf.5.xml:370 msgid "reconnection_retries (integer)" msgstr "reconnection_retries (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:164 sssd.conf.5.xml:348 +#: sssd.conf.5.xml:164 sssd.conf.5.xml:373 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" @@ -390,7 +390,7 @@ msgstr "" "d'abandonner" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:353 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:378 msgid "Default: 3" msgstr "Par défaut : 3" @@ -416,7 +416,7 @@ msgstr "" "caractères soulignés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 sssd.conf.5.xml:1658 +#: sssd.conf.5.xml:189 sssd.conf.5.xml:1719 msgid "re_expression (string)" msgstr "re_expression (chaîne)" @@ -442,12 +442,12 @@ msgstr "" "expressions régulières." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:206 sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:206 sssd.conf.5.xml:1770 msgid "full_name_format (string)" msgstr "full_name_format (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:209 sssd.conf.5.xml:1773 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -459,33 +459,33 @@ msgstr "" "domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:220 sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:220 sssd.conf.5.xml:1784 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:221 sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:221 sssd.conf.5.xml:1785 msgid "user name" msgstr "nom d'utilisateur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:224 sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:224 sssd.conf.5.xml:1788 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:227 sssd.conf.5.xml:1730 +#: sssd.conf.5.xml:227 sssd.conf.5.xml:1791 msgid "domain name as specified in the SSSD config file." msgstr "" "nom de domaine tel qu'indiqué dans le fichier de configuration de SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:233 sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:233 sssd.conf.5.xml:1797 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:236 sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:236 sssd.conf.5.xml:1800 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -495,7 +495,7 @@ msgstr "" "d'approbation IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:217 sssd.conf.5.xml:1781 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -624,12 +624,46 @@ msgstr "" "user@domain.name, pour se connecter." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:319 sssd-ldap.5.xml:662 sssd-ldap.5.xml:1470 -#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1564 sssd-krb5.5.xml:401 -#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214 +#: sssd.conf.5.xml:319 sssd-ldap.5.xml:649 sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1442 sssd-ldap.5.xml:1524 sssd-ad.5.xml:532 +#: sssd-ad.5.xml:597 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203 +#: include/ldap_id_mapping.xml:214 msgid "Default: not set" msgstr "Par défaut : non défini" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:324 +#, fuzzy +#| msgid "override_shell (string)" +msgid "override_space (string)" +msgstr "override_shell (string)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:327 +msgid "" +"This parameter will replace spaces (space bar) with the given character for " +"user and group names. e.g. (_). User name "john doe" will be " +""john_doe" This feature was added to help compatibility with shell " +"scripts that have difficulty handling spaces, due to the default field " +"separator in the shell." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:336 +msgid "" +"Please note it is a configuration error to use a replacement character that " +"might be used in user or group names. If a name contains the replacement " +"character SSSD tries to return the unmodified name but in general the result " +"of a lookup is undefined." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:344 +#, fuzzy +#| msgid "Default: not set, i.e. FAST is not used." +msgid "Default: not set (spaces will not be replaced)" +msgstr "Par défaut : non défini, i.e. FAST n'est pas utilisé." + #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:126 msgid "" @@ -648,12 +682,12 @@ msgstr "" "l'identité des domaines. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:355 msgid "SERVICES SECTIONS" msgstr "SECTIONS DE SERVICES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:332 +#: sssd.conf.5.xml:357 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -666,22 +700,22 @@ msgstr "" "section doit être <quote>[nss]</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:364 msgid "General service configuration options" msgstr "Options générales de configuration de service" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:341 +#: sssd.conf.5.xml:366 msgid "These options can be used to configure any service." msgstr "Ces options peuvent être utilisées pour configurer les services." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:383 msgid "fd_limit" msgstr "fd_limit" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:361 +#: sssd.conf.5.xml:386 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -696,17 +730,17 @@ msgstr "" "valeur inférieure ou la limite « hard » de limits.conf." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:370 +#: sssd.conf.5.xml:395 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "Par défault : 8192 (ou la limite « hard » de limits.conf)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:375 +#: sssd.conf.5.xml:400 msgid "client_idle_timeout" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:378 +#: sssd.conf.5.xml:403 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -718,19 +752,19 @@ msgstr "" "ressources sur le système." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:385 sssd.conf.5.xml:401 sssd.conf.5.xml:415 -#: sssd.conf.5.xml:632 sssd.conf.5.xml:792 sssd.conf.5.xml:1068 -#: sssd-ldap.5.xml:1212 +#: sssd.conf.5.xml:410 sssd.conf.5.xml:426 sssd.conf.5.xml:458 +#: sssd.conf.5.xml:675 sssd.conf.5.xml:835 sssd.conf.5.xml:1111 +#: sssd-ldap.5.xml:1172 msgid "Default: 60" msgstr "Par défaut : 60" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:415 sssd.conf.5.xml:1100 msgid "force_timeout (integer)" msgstr "force_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:393 sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1103 msgid "" "If a service is not responding to ping checks (see the <quote>timeout</" "quote> option), it is first sent the SIGTERM signal that instructs it to " @@ -745,29 +779,52 @@ msgstr "" "l'aide d'un signal SIGKILL." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 +#: sssd.conf.5.xml:431 msgid "offline_timeout (integer)" msgstr "offline_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:409 +#: sssd.conf.5.xml:434 +msgid "" +"When SSSD switches to offline mode the amount of time before it tries to go " +"back online will increase based upon the time spent disconnected. This " +"value is in seconds and calculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:441 +#, fuzzy +#| msgid "offline_timeout (integer)" +msgid "offline_timeout + random_offset" +msgstr "offline_timeout (entier)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:444 +msgid "" +"The random offset can increment up to 30 seconds. After each unsuccessful " +"attempt to go online, the new interval is recalculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:449 +msgid "new_interval = old_interval*2 + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:452 msgid "" -"If SSSD is in offline mode, and last attempt to go online was less than " -"number of seconds specified in this option ago, new requests for data will " -"not result in attempt to go online." +"Note that the maximum length of each interval is currently limited to one " +"hour. If the calculated length of new_interval is greater than an hour, it " +"will be forced to one hour." msgstr "" -"Si SSSD est en mode hors-ligne, et que la dernière tentative de passage en " -"mode en ligne date de moins que le nombre de secondes indiqué dans cette " -"option, les nouvelles demandes de données n'entraineront pas de tentative de " -"mise en ligne." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:467 msgid "NSS configuration options" msgstr "Options de configuration NSS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:426 +#: sssd.conf.5.xml:469 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" @@ -775,12 +832,12 @@ msgstr "" "Switch (NSS)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:431 +#: sssd.conf.5.xml:474 msgid "enum_cache_timeout (integer)" msgstr "enum_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:434 +#: sssd.conf.5.xml:477 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" @@ -789,17 +846,17 @@ msgstr "" "énumérations (requêtes sur les informations de tous les utilisateurs)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:481 msgid "Default: 120" msgstr "Par défaut : 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:443 +#: sssd.conf.5.xml:486 msgid "entry_cache_nowait_percentage (integer)" msgstr "entry_cache_nowait_percentage (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:446 +#: sssd.conf.5.xml:489 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -810,7 +867,7 @@ msgstr "" "valeur de entry_cache_timeout pour le domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:452 +#: sssd.conf.5.xml:495 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -826,7 +883,7 @@ msgstr "" "cache." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:462 +#: sssd.conf.5.xml:505 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -839,17 +896,17 @@ msgstr "" "de non réponse à moins de 10 secondes (0 pour désactiver l'option)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:470 +#: sssd.conf.5.xml:513 msgid "Default: 50" msgstr "Par défaut : 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:518 msgid "entry_negative_timeout (integer)" msgstr "entry_negative_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:478 +#: sssd.conf.5.xml:521 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -861,17 +918,17 @@ msgstr "" "appel au moteur." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:484 sssd.conf.5.xml:851 +#: sssd.conf.5.xml:527 sssd.conf.5.xml:894 msgid "Default: 15" msgstr "Par défaut : 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:489 +#: sssd.conf.5.xml:532 msgid "filter_users, filter_groups (string)" msgstr "filter_users, filter_groups (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:492 +#: sssd.conf.5.xml:535 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set per-" @@ -885,17 +942,17 @@ msgstr "" "certain domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:499 +#: sssd.conf.5.xml:542 msgid "Default: root" msgstr "Par défaut : root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:504 +#: sssd.conf.5.xml:547 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:507 +#: sssd.conf.5.xml:550 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -903,12 +960,12 @@ msgstr "" "membres de groupes." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:561 msgid "fallback_homedir (string)" msgstr "fallback_homedir (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:521 +#: sssd.conf.5.xml:564 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -917,7 +974,7 @@ msgstr "" "explicitement spécifié par le fournisseur de données du domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:569 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -925,7 +982,7 @@ msgstr "" "override_homedir." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:532 +#: sssd.conf.5.xml:575 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -935,24 +992,24 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:530 include/override_homedir.xml:51 +#: sssd.conf.5.xml:573 include/override_homedir.xml:51 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "exemple : <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:579 msgid "Default: not set (no substitution for unset home directories)" msgstr "" "Par défaut : non défini (aucune substitution pour les répertoires d'accueil " "non définis)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:542 +#: sssd.conf.5.xml:585 msgid "override_shell (string)" msgstr "override_shell (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:545 +#: sssd.conf.5.xml:588 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -964,17 +1021,17 @@ msgstr "" "section [nss], soit par domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 +#: sssd.conf.5.xml:594 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "Par défaut : indéfini (SSSD utilisera la valeur récupérée de LDAP)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:557 +#: sssd.conf.5.xml:600 msgid "allowed_shells (string)" msgstr "allowed_shells (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:560 +#: sssd.conf.5.xml:603 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -982,14 +1039,14 @@ msgstr "" "indiquées. L'ordre d'évaluation est :" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:563 +#: sssd.conf.5.xml:606 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" "1. Si l'interpréteur de commandes est présent dans <quote>/etc/shells</" "quote>, il est utilisé." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:567 +#: sssd.conf.5.xml:610 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." @@ -999,7 +1056,7 @@ msgstr "" "shell_fallback » sera utilisée." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:572 +#: sssd.conf.5.xml:615 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." @@ -1008,14 +1065,14 @@ msgstr "" "ni dans <quote>/etc/shells</quote>, une connexion sans shell est utilisée." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:577 +#: sssd.conf.5.xml:620 msgid "An empty string for shell is passed as-is to libc." msgstr "" "Une chaîne vide pour l'interpréteur de commandes est passée telle quelle est " "à la libc." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:580 +#: sssd.conf.5.xml:623 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." @@ -1025,31 +1082,31 @@ msgstr "" "est installé." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:627 msgid "Default: Not set. The user shell is automatically used." msgstr "" "Par défaut : non défini. L'interpréteur de commandes de l'utilisateur est " "utilisé automatiquement." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:589 +#: sssd.conf.5.xml:632 msgid "vetoed_shells (string)" msgstr "vetoed_shells (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:592 +#: sssd.conf.5.xml:635 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" "Remplace toutes les occurences de ces interpréteurs de commandes par " "l'interpréteur de commandes par défaut" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:597 +#: sssd.conf.5.xml:640 msgid "shell_fallback (string)" msgstr "shell_fallback (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:643 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" @@ -1057,17 +1114,17 @@ msgstr "" "commandes autorisé n'est pas installé sur la machine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:604 +#: sssd.conf.5.xml:647 msgid "Default: /bin/sh" msgstr "Par défaut : /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:652 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:655 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." @@ -1077,7 +1134,7 @@ msgstr "" "choix soit dans la section [nss], soit par domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:618 +#: sssd.conf.5.xml:661 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" @@ -1087,12 +1144,12 @@ msgstr "" "nécessaire, habituellement /bin/sh)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:625 sssd.conf.5.xml:785 +#: sssd.conf.5.xml:668 sssd.conf.5.xml:828 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (int)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 sssd.conf.5.xml:788 +#: sssd.conf.5.xml:671 sssd.conf.5.xml:831 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1101,12 +1158,12 @@ msgstr "" "jugée valide." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:637 +#: sssd.conf.5.xml:680 msgid "memcache_timeout (int)" msgstr "memcache_timeout (int)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:640 +#: sssd.conf.5.xml:683 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" @@ -1115,17 +1172,17 @@ msgstr "" "mémoire seront valides" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 sssd-ldap.5.xml:702 +#: sssd.conf.5.xml:687 sssd-ldap.5.xml:692 msgid "Default: 300" msgstr "Par défaut : 300" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:651 +#: sssd.conf.5.xml:694 msgid "PAM configuration options" msgstr "Options de configuration de PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:653 +#: sssd.conf.5.xml:696 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1134,12 +1191,12 @@ msgstr "" "Module (PAM)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:701 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:704 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1149,17 +1206,17 @@ msgstr "" "connexion réussie)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 sssd.conf.5.xml:679 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:722 msgid "Default: 0 (No limit)" msgstr "Par défaut : 0 (pas de limite)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:672 +#: sssd.conf.5.xml:715 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:675 +#: sssd.conf.5.xml:718 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1168,12 +1225,12 @@ msgstr "" "échouées sont autorisées." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:685 +#: sssd.conf.5.xml:728 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:688 +#: sssd.conf.5.xml:731 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1183,7 +1240,7 @@ msgstr "" "soit possible." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:693 +#: sssd.conf.5.xml:736 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1194,17 +1251,17 @@ msgstr "" "connexion réussie en ligne peut réactiver l'authentification." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 sssd.conf.5.xml:752 +#: sssd.conf.5.xml:742 sssd.conf.5.xml:795 msgid "Default: 5" msgstr "Par défaut : 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:705 +#: sssd.conf.5.xml:748 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:751 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1214,44 +1271,44 @@ msgstr "" "affichés sera important." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:713 +#: sssd.conf.5.xml:756 msgid "Currently sssd supports the following values:" msgstr "Actuellement sssd supporte les valeurs suivantes :" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:716 +#: sssd.conf.5.xml:759 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis> : ne pas afficher de message" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:719 +#: sssd.conf.5.xml:762 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis> : afficher seulement les messages importants" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:723 +#: sssd.conf.5.xml:766 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis> : afficher les messages d'information" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:769 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis> : afficher tous les messages et informations de " "débogage" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:730 sssd.8.xml:63 +#: sssd.conf.5.xml:773 sssd.8.xml:63 msgid "Default: 1" msgstr "Par défaut : 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:735 +#: sssd.conf.5.xml:778 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:738 +#: sssd.conf.5.xml:781 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1263,7 +1320,7 @@ msgstr "" "les dernières informations." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:744 +#: sssd.conf.5.xml:787 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1277,17 +1334,17 @@ msgstr "" "fournisseur d'identité." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:758 +#: sssd.conf.5.xml:801 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:761 sssd.conf.5.xml:1235 +#: sssd.conf.5.xml:804 sssd.conf.5.xml:1292 msgid "Display a warning N days before the password expires." msgstr "Afficher une alerte N jours avant l'expiration du mot de passe." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:807 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1298,7 +1355,7 @@ msgstr "" "ne peut afficher de message d'alerte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 sssd.conf.5.xml:1238 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1295 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1308,7 +1365,7 @@ msgstr "" "sera automatiquement affiché." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:818 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." @@ -1317,17 +1374,17 @@ msgstr "" "<emphasis>pwd_expiration_warning</emphasis> pour un domaine particulier." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 sssd.8.xml:79 +#: sssd.conf.5.xml:823 sssd.8.xml:79 msgid "Default: 0" msgstr "Par défaut : 0" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:800 +#: sssd.conf.5.xml:843 msgid "SUDO configuration options" msgstr "Options de configuration de SUDO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:845 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1338,12 +1395,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:862 msgid "sudo_timed (bool)" msgstr "sudo_timed (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:822 +#: sssd.conf.5.xml:865 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -1352,22 +1409,22 @@ msgstr "" "les entrées sudoers sensibles au temps." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:878 msgid "AUTOFS configuration options" msgstr "Options de configuration AUTOFS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:880 msgid "These options can be used to configure the autofs service." msgstr "Ces options peuvent être utilisées pour configurer le service autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:884 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:887 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1379,23 +1436,23 @@ msgstr "" "moteur." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:903 msgid "SSH configuration options" msgstr "Options de configuration SSH" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:862 +#: sssd.conf.5.xml:905 msgid "These options can be used to configure the SSH service." msgstr "" "Les options suivantes peuvent être utilisées pour configurer le service SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:866 +#: sssd.conf.5.xml:909 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:869 +#: sssd.conf.5.xml:912 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -1403,12 +1460,12 @@ msgstr "" "Condenser ou non les noms de systèmes et adresses du fichier known_hosts" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:921 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:881 +#: sssd.conf.5.xml:924 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -1417,17 +1474,17 @@ msgstr "" "known_hosts géré après que ses clés de système ont été demandés." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:928 msgid "Default: 180" msgstr "Par défaut : 180" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:893 +#: sssd.conf.5.xml:936 msgid "PAC responder configuration options" msgstr "Options de configuration du répondeur PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:938 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1446,7 +1503,7 @@ msgstr "" "décodées et évaluées, les opérations suivantes sont effectuées :" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:904 +#: sssd.conf.5.xml:947 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1464,7 +1521,7 @@ msgstr "" "default_shell." #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:955 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." @@ -1473,19 +1530,19 @@ msgstr "" "ajouté à ces groupes." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:961 msgid "These options can be used to configure the PAC responder." msgstr "" "Les options suivantes peuvent être utilisées pour configurer le répondeur " "PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:922 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:965 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:968 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1496,14 +1553,14 @@ msgstr "" "seront résolus en UID au démarrage." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:974 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Par défaut : 0 (seul l'utilisateur root est autorisé à accéder au répondeur " "PAC)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:978 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1516,17 +1573,17 @@ msgstr "" "0 à la liste des UID d'utilisateurs autorisés." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:949 +#: sssd.conf.5.xml:992 msgid "DOMAIN SECTIONS" msgstr "SECTIONS DOMAINES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:999 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:1002 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -1535,7 +1592,7 @@ msgstr "" "dehors de ces limites, elle est ignorée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 +#: sssd.conf.5.xml:1007 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1548,7 +1605,7 @@ msgstr "" "qui sont dans la plage seront rapportés comme prévu." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1014 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." @@ -1557,17 +1614,17 @@ msgstr "" "pas seulement leur recherche par nom ou identifiant." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:1018 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Default: 1 for min_id, 0 (no limit) for max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:981 +#: sssd.conf.5.xml:1024 msgid "enumerate (bool)" msgstr "enumerate (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:984 +#: sssd.conf.5.xml:1027 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" @@ -1576,23 +1633,23 @@ msgstr "" "valeurs suivantes :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:988 +#: sssd.conf.5.xml:1031 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = utilisateurs et groupes sont énumérés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 +#: sssd.conf.5.xml:1034 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = aucune énumération pour ce domaine" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 sssd.conf.5.xml:1212 sssd.conf.5.xml:1321 -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1037 sssd.conf.5.xml:1269 sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1395 msgid "Default: FALSE" msgstr "Par défaut : FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1040 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1613,7 +1670,7 @@ msgstr "" "être recalculées." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1053 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -1623,7 +1680,7 @@ msgstr "" "l'énumération ne se termine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1015 +#: sssd.conf.5.xml:1058 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1637,7 +1694,7 @@ msgstr "" "fournisseur d'identité spécifique utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1023 +#: sssd.conf.5.xml:1066 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -1646,32 +1703,32 @@ msgstr "" "déconseillée, surtout dans les environnements de grande taille." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1074 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1081 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1082 msgid "All discovered trusted domains will be enumerated" msgstr "Tous les domaines approuvés découverts seront énumérés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1085 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1086 msgid "No discovered trusted domains will be enumerated" msgstr "Aucun domaine approuvé découvert ne sera énuméré" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1077 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -1685,17 +1742,17 @@ msgstr "" "activer l'énumération pour ces seuls domaines." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd-ldap.5.xml:1765 +#: sssd.conf.5.xml:1094 sssd-ldap.5.xml:1725 msgid "Default: none" msgstr "Par défaut : aucun" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1117 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1077 +#: sssd.conf.5.xml:1120 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -1704,7 +1761,7 @@ msgstr "" "comme valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1124 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -1715,17 +1772,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1094 +#: sssd.conf.5.xml:1137 msgid "Default: 5400" msgstr "Par défaut : 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1100 +#: sssd.conf.5.xml:1143 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1103 +#: sssd.conf.5.xml:1146 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -1734,18 +1791,19 @@ msgstr "" "d'utilisateurs comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 sssd.conf.5.xml:1120 sssd.conf.5.xml:1133 -#: sssd.conf.5.xml:1146 sssd.conf.5.xml:1159 sssd.conf.5.xml:1173 +#: sssd.conf.5.xml:1150 sssd.conf.5.xml:1163 sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1202 sssd.conf.5.xml:1216 +#: sssd.conf.5.xml:1230 msgid "Default: entry_cache_timeout" msgstr "Par défaut : entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1156 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1116 +#: sssd.conf.5.xml:1159 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -1754,12 +1812,12 @@ msgstr "" "groupes comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1169 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1172 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -1768,12 +1826,12 @@ msgstr "" "netgroup comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1182 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1142 +#: sssd.conf.5.xml:1185 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -1782,12 +1840,12 @@ msgstr "" "service valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1195 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1198 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -1796,12 +1854,12 @@ msgstr "" "valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1208 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1211 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -1810,59 +1868,79 @@ msgstr "" "cartes d'automontage comme valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1222 +#, fuzzy +#| msgid "entry_cache_sudo_timeout (integer)" +msgid "entry_cache_ssh_host_timeout (integer)" +msgstr "entry_cache_sudo_timeout (integer)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1225 +#, fuzzy +#| msgid "" +#| "How many seconds to keep a host in the managed known_hosts file after its " +#| "host keys were requested." +msgid "" +"How many seconds to keep a host ssh key after refresh. IE how long to cache " +"the host key for." +msgstr "" +"La durée en secondes pendant laquelle conserver un système dans le fichier " +"known_hosts géré après que ses clés de système ont été demandés." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1236 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1239 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1187 +#: sssd.conf.5.xml:1244 msgid "Currently only refreshing expired netgroups is supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1248 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" "Il est envisageable de configurer cette valeur à 3/4 * entry_cache_timeout." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1195 sssd-ipa.5.xml:221 +#: sssd.conf.5.xml:1252 sssd-ipa.5.xml:221 msgid "Default: 0 (disabled)" msgstr "Par défaut : 0 (désactivé)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1201 +#: sssd.conf.5.xml:1258 msgid "cache_credentials (bool)" msgstr "cache_credentials (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1261 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Détermine si les données d'identification de l'utilisateur sont aussi mis en " "cache dans le cache LDB local" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1208 +#: sssd.conf.5.xml:1265 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Les informations d'identification utilisateur sont stockées dans une table " "de hachage SHA512, et non en texte brut" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1217 +#: sssd.conf.5.xml:1274 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1220 +#: sssd.conf.5.xml:1277 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1875,17 +1953,17 @@ msgstr "" "paramètre doit être supérieur ou égal à offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1284 msgid "Default: 0 (unlimited)" msgstr "Par défaut : 0 (illimité)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1232 +#: sssd.conf.5.xml:1289 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1243 +#: sssd.conf.5.xml:1300 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1898,17 +1976,17 @@ msgstr "" "fournisseur oauth doit être configuré pour le moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1307 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Par défaut : 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1256 +#: sssd.conf.5.xml:1313 msgid "id_provider (string)" msgstr "id_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1259 +#: sssd.conf.5.xml:1316 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -1916,18 +1994,18 @@ msgstr "" "d'identification pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1320 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "<quote>proxy</quote> : prise en charge de l'ancien fournisseur NSS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:1441 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" "<quote>local</quote> : Fournisseur interne SSSD pour les utilisateurs locaux" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 +#: sssd.conf.5.xml:1327 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1939,8 +2017,8 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 sssd.conf.5.xml:1364 sssd.conf.5.xml:1415 -#: sssd.conf.5.xml:1468 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1421 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1529 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1953,8 +2031,8 @@ msgstr "" "configuration de FreeIPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1373 sssd.conf.5.xml:1424 -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1344 sssd.conf.5.xml:1430 sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1538 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1966,12 +2044,12 @@ msgstr "" "d'Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1355 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1301 +#: sssd.conf.5.xml:1358 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -1981,7 +2059,7 @@ msgstr "" "communiqué à NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1363 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1995,7 +2073,7 @@ msgstr "" "trouve." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1371 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2003,17 +2081,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1326 +#: sssd.conf.5.xml:1383 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1329 +#: sssd.conf.5.xml:1386 msgid "Do not return group members for group lookups." msgstr "Ne pas envoyer les membres des groupes sur les recherches de groupes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1332 +#: sssd.conf.5.xml:1389 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2024,12 +2102,12 @@ msgstr "" "traitement des appels de recherche de groupes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1343 +#: sssd.conf.5.xml:1400 msgid "auth_provider (string)" msgstr "auth_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1346 +#: sssd.conf.5.xml:1403 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -2038,7 +2116,7 @@ msgstr "" "pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1469 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2050,7 +2128,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1414 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2061,7 +2139,7 @@ msgstr "" "citerefentry> pour plus d'informations sur la configuration de Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1438 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -2069,12 +2147,12 @@ msgstr "" "PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1445 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> désactive l'authentification explicitement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1387 +#: sssd.conf.5.xml:1448 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -2083,12 +2161,12 @@ msgstr "" "gérer les requêtes d'authentification." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1393 +#: sssd.conf.5.xml:1454 msgid "access_provider (string)" msgstr "access_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1396 +#: sssd.conf.5.xml:1457 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2099,7 +2177,7 @@ msgstr "" "installés). Les fournisseurs internes spécifiques sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1463 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -2108,12 +2186,12 @@ msgstr "" "d'accès autorisé pour un domaine local." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1466 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> toujours refuser les accès." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1493 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2126,17 +2204,17 @@ msgstr "" "d'informations sur la configuration du module d'accès simple." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1439 +#: sssd.conf.5.xml:1500 msgid "Default: <quote>permit</quote>" msgstr "Par défaut : <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1444 +#: sssd.conf.5.xml:1505 msgid "chpass_provider (string)" msgstr "chpass_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1508 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -2145,7 +2223,7 @@ msgstr "" "domaine. Les fournisseurs pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1452 +#: sssd.conf.5.xml:1513 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2157,7 +2235,7 @@ msgstr "" "configuration LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1521 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2169,7 +2247,7 @@ msgstr "" "Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1546 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -2177,14 +2255,14 @@ msgstr "" "autre cible PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1550 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" "<quote>none</quote> pour désactiver explicitement le changement de mot de " "passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1553 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -2193,19 +2271,19 @@ msgstr "" "peut gérer les changements de mot de passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1560 msgid "sudo_provider (string)" msgstr "sudo_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1563 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "Le fournisseur SUDO, utilisé pour le domaine. Les fournisseurs SUDO pris en " "charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1506 +#: sssd.conf.5.xml:1567 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2217,34 +2295,34 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1514 +#: sssd.conf.5.xml:1575 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1579 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1522 +#: sssd.conf.5.xml:1583 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> désactive explicitement SUDO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1525 sssd.conf.5.xml:1594 sssd.conf.5.xml:1626 -#: sssd.conf.5.xml:1651 +#: sssd.conf.5.xml:1586 sssd.conf.5.xml:1655 sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1712 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Par défaut : La valeur de <quote>id_provider</quote> est utilisée si elle " "est définie." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1590 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2255,12 +2333,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1607 msgid "selinux_provider (string)" msgstr "selinux_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1610 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2271,7 +2349,7 @@ msgstr "" "fournisseur d'accès. Les fournisseurs selinux pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1555 +#: sssd.conf.5.xml:1616 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2283,14 +2361,14 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1624 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" "<quote>none</quote> n'autorise pas la récupération explicite des paramètres " "selinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1566 +#: sssd.conf.5.xml:1627 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -2299,12 +2377,12 @@ msgstr "" "gérer le chargement selinux" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1633 msgid "subdomains_provider (string)" msgstr "subdomains_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1636 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -2314,7 +2392,7 @@ msgstr "" "fournisseurs de sous-domaine pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1581 +#: sssd.conf.5.xml:1642 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2326,18 +2404,18 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1651 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" "<quote>none</quote> désactive la récupération explicite des sous-domaines." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 +#: sssd.conf.5.xml:1662 msgid "autofs_provider (string)" msgstr "autofs_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 +#: sssd.conf.5.xml:1665 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -2345,7 +2423,7 @@ msgstr "" "en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1669 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2357,7 +2435,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1615 +#: sssd.conf.5.xml:1676 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2369,17 +2447,17 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 +#: sssd.conf.5.xml:1684 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> désactive explicitement autofs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1694 msgid "hostid_provider (string)" msgstr "hostid_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1697 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -2388,7 +2466,7 @@ msgstr "" "systèmes. Les fournisseurs de hostid pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1640 +#: sssd.conf.5.xml:1701 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2400,12 +2478,12 @@ msgstr "" "configuration de IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1709 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> désactive explicitement hostid." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 +#: sssd.conf.5.xml:1722 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -2421,7 +2499,7 @@ msgstr "" "domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1731 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -2434,22 +2512,22 @@ msgstr "" "styles différents pour les noms d'utilisateurs :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1736 msgid "username" msgstr "username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1739 msgid "username@domain.name" msgstr "username@domain.name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1681 +#: sssd.conf.5.xml:1742 msgid "domain\\username" msgstr "domain\\username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1745 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -2459,7 +2537,7 @@ msgstr "" "utilisateurs de domaines Windows." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1750 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -2470,7 +2548,7 @@ msgstr "" "importe le domaine après »" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1695 +#: sssd.conf.5.xml:1756 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -2482,7 +2560,7 @@ msgstr "" "prendre en charge les sous-motifs nommés multiples." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1763 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." @@ -2491,17 +2569,17 @@ msgstr "" "la syntaxe Python (?P<name>) pour nommer les sous-motifs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1749 +#: sssd.conf.5.xml:1810 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Par défaut : <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1816 msgid "lookup_family_order (string)" msgstr "lookup_family_order (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1819 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -2510,48 +2588,48 @@ msgstr "" "utiliser pour effectuer les requêtes DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1762 +#: sssd.conf.5.xml:1823 msgid "Supported values:" msgstr "Valeurs prises en charge :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1826 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first : essayer de chercher une adresse IPv4, et en cas d'échec, " "essayer IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1829 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only : ne tenter de résoudre les noms de systèmes qu'en adresses IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1832 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first : essayer de chercher une adresse IPv6, et en cas d'échec, tenter " "IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1835 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only : ne tenter de résoudre les noms de systèmes qu'en adresses IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1838 msgid "Default: ipv4_first" msgstr "Par défaut : ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1844 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1847 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -2562,18 +2640,18 @@ msgstr "" "domaine continuera à opérer en mode déconnecté." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1792 sssd-ldap.5.xml:1196 sssd-ldap.5.xml:1238 -#: sssd-ldap.5.xml:1253 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1853 sssd-ldap.5.xml:1156 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1213 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "Par défaut : 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1859 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1801 +#: sssd.conf.5.xml:1862 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -2582,48 +2660,89 @@ msgstr "" "du domaine faisant partie de la requête DNS de découverte de services." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1866 msgid "Default: Use the domain part of machine's hostname" msgstr "" "Par défaut : utiliser la partie du domaine qui est dans le nom de système de " "la machine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1811 +#: sssd.conf.5.xml:1872 msgid "override_gid (integer)" msgstr "override_gid (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1875 msgid "Override the primary GID value with the one specified." msgstr "Redéfinit le GID primaire avec la valeur spécifiée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1820 -msgid "case_sensitive (boolean)" +#: sssd.conf.5.xml:1881 +#, fuzzy +#| msgid "case_sensitive (boolean)" +msgid "case_sensitive (string)" msgstr "case_sensitive (booléen)" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1889 +msgid "True" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1892 +msgid "Case sensitive. This value is invalid for AD provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1898 +msgid "False" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1900 +msgid "Case insensitive." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1904 +msgid "Preserving" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1907 +msgid "" +"Same as False (case insensitive), but does not lowercase names in the output " +"of getpwnam and getgrnam." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1884 +#, fuzzy +#| msgid "" +#| "Treat user and group names as case sensitive. At the moment, this option " +#| "is not supported in the local provider." msgid "" "Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." +"not supported in the local provider. Possible option values are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" "Traiter les utilisateur et les noms de groupes comme sensible à la casse. " "Actuellement, cette option n'est pas supportée dans le fournisseur local." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1828 sssd-ldap.5.xml:1020 sssd-ad.5.xml:397 -msgid "Default: True" -msgstr "Par défaut : True" +#: sssd.conf.5.xml:1916 +#, fuzzy +#| msgid "Default: false (AD provider: true)" +msgid "Default: True (False for AD provider)" +msgstr "Par défaut : false (AD provider : true)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1922 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 +#: sssd.conf.5.xml:1925 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -2637,22 +2756,22 @@ msgstr "" "afin d'améliorer les performances." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1851 +#: sssd.conf.5.xml:1939 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1950 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1951 msgid "flat (NetBIOS) name of a subdomain." msgstr "nom plat (NetBIOS) d'un sous-domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1854 +#: sssd.conf.5.xml:1942 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -2668,7 +2787,7 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1956 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -2676,17 +2795,17 @@ msgstr "" "emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1960 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Par défaut : <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1877 +#: sssd.conf.5.xml:1965 msgid "realmd_tags (string)" msgstr "realmd_tags (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1880 +#: sssd.conf.5.xml:1968 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" @@ -2694,7 +2813,7 @@ msgstr "" "ce domaine." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:994 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2706,17 +2825,17 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1893 +#: sssd.conf.5.xml:1981 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1896 +#: sssd.conf.5.xml:1984 msgid "The proxy target PAM proxies to." msgstr "Le proxy cible duquel PAM devient mandataire." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1899 +#: sssd.conf.5.xml:1987 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -2725,12 +2844,12 @@ msgstr "" "ou en créer une nouvelle et ajouter le nom de service ici." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1995 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1998 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2741,7 +2860,7 @@ msgstr "" "$(libName)_$(function), par exemple _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1977 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -2750,12 +2869,12 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1922 +#: sssd.conf.5.xml:2010 msgid "The local domain section" msgstr "La section du domaine local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:2012 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2766,29 +2885,29 @@ msgstr "" "dire un domaine qui utilise <replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1931 +#: sssd.conf.5.xml:2019 msgid "default_shell (string)" msgstr "default_shell (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:2022 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "L'interpréteur de commandes par défaut pour les utilisateurs créés avec les " "outils en espace utilisateur SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1938 +#: sssd.conf.5.xml:2026 msgid "Default: <filename>/bin/bash</filename>" msgstr "Par défaut : <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1943 +#: sssd.conf.5.xml:2031 msgid "base_directory (string)" msgstr "base_directory (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2034 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -2797,17 +2916,17 @@ msgstr "" "replaceable> et l'utilisent comme dossier personnel." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:2039 msgid "Default: <filename>/home</filename>" msgstr "Par défaut : <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1956 +#: sssd.conf.5.xml:2044 msgid "create_homedir (bool)" msgstr "create_homedir (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2047 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -2816,17 +2935,17 @@ msgstr "" "utilisateurs. Peut être outrepassé par la ligne de commande." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1963 sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2051 sssd.conf.5.xml:2063 msgid "Default: TRUE" msgstr "Par défaut : TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1968 +#: sssd.conf.5.xml:2056 msgid "remove_homedir (bool)" msgstr "remove_homedir (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:2059 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -2835,12 +2954,12 @@ msgstr "" "suppression des utilisateurs. Peut être outrepassé par la ligne de commande." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1980 +#: sssd.conf.5.xml:2068 msgid "homedir_umask (integer)" msgstr "homedir_umask (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1983 +#: sssd.conf.5.xml:2071 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2851,17 +2970,17 @@ msgstr "" "défaut sur un répertoire personnel nouvellement créé." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:2079 msgid "Default: 077" msgstr "Par défaut : 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:2084 msgid "skel_dir (string)" msgstr "skel_dir (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1999 +#: sssd.conf.5.xml:2087 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2874,17 +2993,17 @@ msgstr "" "manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2009 +#: sssd.conf.5.xml:2097 msgid "Default: <filename>/etc/skel</filename>" msgstr "Par défaut : <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2102 msgid "mail_dir (string)" msgstr "mail_dir (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2105 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2895,17 +3014,17 @@ msgstr "" "précisé, la valeur par défaut est utilisée." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2112 msgid "Default: <filename>/var/mail</filename>" msgstr "Par défaut : <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2117 msgid "userdel_cmd (string)" msgstr "userdel_cmd (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2032 +#: sssd.conf.5.xml:2120 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2916,18 +3035,19 @@ msgstr "" "code en retour de la commande n'est pas pris en compte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2126 msgid "Default: None, no command is run" msgstr "Par défaut : None, aucune commande lancée" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2048 sssd-ldap.5.xml:2489 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:552 sssd-ad.5.xml:447 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:2136 sssd-ldap.5.xml:2476 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:552 sssd-ad.5.xml:792 sssd-krb5.5.xml:519 +#: sss_rpcidmapd.5.xml:98 msgid "EXAMPLE" msgstr "EXEMPLE" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2142 #, no-wrap msgid "" "[sssd]\n" @@ -2981,7 +3101,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2050 +#: sssd.conf.5.xml:2138 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3166,7 +3286,7 @@ msgstr "" "http://www.ietf.org/rfc/rfc2254.txt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:645 sssd-ad.5.xml:212 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:632 sssd-ad.5.xml:212 msgid "Examples:" msgstr "Exemples :" @@ -3397,7 +3517,7 @@ msgstr "" "L'attribut LDAP correspondant à l'id du groupe primaire de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:830 msgid "Default: gidNumber" msgstr "Par défaut : gidNumber" @@ -3451,27 +3571,11 @@ msgstr "Par défaut : loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:341 -msgid "ldap_user_uuid (string)" -msgstr "ldap_user_uuid (chaîne)" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:344 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" -"L'attribut LDAP qui contient les UUID/GUID d'un objet LDAP utilisateur." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:866 sssd-ldap.5.xml:1103 -msgid "Default: nsUniqueId" -msgstr "Par défaut : nsUniqueId" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:354 msgid "ldap_user_objectsid (string)" msgstr "ldap_user_objectsid (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:344 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." @@ -3480,19 +3584,19 @@ msgstr "" "n'est habituellement nécessaire que pour les serveurs Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:880 +#: sssd-ldap.5.xml:349 sssd-ldap.5.xml:857 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" "Par défaut : objectSid pour ActiveDirectory, indéfini pour les autres " "serveurs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:369 +#: sssd-ldap.5.xml:356 msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:890 sssd-ldap.5.xml:1112 +#: sssd-ldap.5.xml:359 sssd-ldap.5.xml:867 sssd-ldap.5.xml:1072 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -3501,17 +3605,17 @@ msgstr "" "l'objet parent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:894 sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:363 sssd-ldap.5.xml:871 sssd-ldap.5.xml:1079 msgid "Default: modifyTimestamp" msgstr "Par défaut : modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:382 +#: sssd-ldap.5.xml:369 msgid "ldap_user_shadow_last_change (string)" msgstr "ldap_user_shadow_last_change (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:385 +#: sssd-ldap.5.xml:372 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3524,17 +3628,17 @@ msgstr "" "citerefentry> (date de changement du dernier mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:382 msgid "Default: shadowLastChange" msgstr "Par défaut : shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:401 +#: sssd-ldap.5.xml:388 msgid "ldap_user_shadow_min (string)" msgstr "ldap_user_shadow_min (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:391 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3547,17 +3651,17 @@ msgstr "" "citerefentry> (durée de validité minimum du mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:413 +#: sssd-ldap.5.xml:400 msgid "Default: shadowMin" msgstr "Par défaut : shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:419 +#: sssd-ldap.5.xml:406 msgid "ldap_user_shadow_max (string)" msgstr "ldap_user_shadow_max (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:422 +#: sssd-ldap.5.xml:409 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3570,17 +3674,17 @@ msgstr "" "citerefentry> (âge maximum du mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 +#: sssd-ldap.5.xml:418 msgid "Default: shadowMax" msgstr "Par défaut : shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 +#: sssd-ldap.5.xml:424 msgid "ldap_user_shadow_warning (string)" msgstr "ldap_user_shadow_warning (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 +#: sssd-ldap.5.xml:427 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3593,17 +3697,17 @@ msgstr "" "citerefentry> (période d'avertissement du mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 +#: sssd-ldap.5.xml:437 msgid "Default: shadowWarning" msgstr "Par défaut : shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 +#: sssd-ldap.5.xml:443 msgid "ldap_user_shadow_inactive (string)" msgstr "ldap_user_shadow_inactive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 +#: sssd-ldap.5.xml:446 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3616,17 +3720,17 @@ msgstr "" "citerefentry> (période d'inactivité du mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:469 +#: sssd-ldap.5.xml:456 msgid "Default: shadowInactive" msgstr "Par défaut : shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:475 +#: sssd-ldap.5.xml:462 msgid "ldap_user_shadow_expire (string)" msgstr "ldap_user_shadow_expire (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:478 +#: sssd-ldap.5.xml:465 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -3640,17 +3744,17 @@ msgstr "" "citerefentry> (date d'expiration du compte)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:488 +#: sssd-ldap.5.xml:475 msgid "Default: shadowExpire" msgstr "Par défaut : shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:494 +#: sssd-ldap.5.xml:481 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "ldap_user_krb_last_pwd_change (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:497 +#: sssd-ldap.5.xml:484 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -3661,17 +3765,17 @@ msgstr "" "de mot de passe dans kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 +#: sssd-ldap.5.xml:490 msgid "Default: krbLastPwdChange" msgstr "Par défaut : krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:509 +#: sssd-ldap.5.xml:496 msgid "ldap_user_krb_password_expiration (string)" msgstr "ldap_user_krb_password_expiration (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:512 +#: sssd-ldap.5.xml:499 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." @@ -3681,17 +3785,17 @@ msgstr "" "passe actuel." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:518 +#: sssd-ldap.5.xml:505 msgid "Default: krbPasswordExpiration" msgstr "Par défaut : krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:524 +#: sssd-ldap.5.xml:511 msgid "ldap_user_ad_account_expires (string)" msgstr "ldap_user_ad_account_expires (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." @@ -3700,17 +3804,17 @@ msgstr "" "contient le nom d'un attribut LDAP stockant la date d'expiration du compte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:519 msgid "Default: accountExpires" msgstr "Par défaut : accountExpires" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:538 +#: sssd-ldap.5.xml:525 msgid "ldap_user_ad_user_account_control (string)" msgstr "ldap_user_ad_user_account_control (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:528 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." @@ -3720,17 +3824,17 @@ msgstr "" "compte utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:546 +#: sssd-ldap.5.xml:533 msgid "Default: userAccountControl" msgstr "Par défaut : userAccountControl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:552 +#: sssd-ldap.5.xml:539 msgid "ldap_ns_account_lock (string)" msgstr "ldap_ns_account_lock (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:542 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." @@ -3739,17 +3843,17 @@ msgstr "" "paramètre détermine si l'accès est autorisé ou non." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:547 msgid "Default: nsAccountLock" msgstr "Par défaut : nsAccountLock" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:553 msgid "ldap_user_nds_login_disabled (string)" msgstr "ldap_user_nds_login_disabled (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:556 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." @@ -3758,17 +3862,17 @@ msgstr "" "détermine si l'accès est autorisé ou non." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:573 sssd-ldap.5.xml:587 +#: sssd-ldap.5.xml:560 sssd-ldap.5.xml:574 msgid "Default: loginDisabled" msgstr "Par défaut : loginDisabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:579 +#: sssd-ldap.5.xml:566 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "ldap_user_nds_login_expiration_time (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:582 +#: sssd-ldap.5.xml:569 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." @@ -3777,12 +3881,12 @@ msgstr "" "détermine jusqu'à quand l'accès est autorisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:593 +#: sssd-ldap.5.xml:580 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "ldap_user_nds_login_allowed_time_map (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:583 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." @@ -3792,17 +3896,17 @@ msgstr "" "est autorisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:601 +#: sssd-ldap.5.xml:588 msgid "Default: loginAllowedTimeMap" msgstr "Par défaut : loginAllowedTimeMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:607 +#: sssd-ldap.5.xml:594 msgid "ldap_user_principal (string)" msgstr "ldap_user_principal (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:597 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." @@ -3811,17 +3915,17 @@ msgstr "" "de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:614 +#: sssd-ldap.5.xml:601 msgid "Default: krbPrincipalName" msgstr "Par défaut : krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:620 +#: sssd-ldap.5.xml:607 msgid "ldap_user_extra_attrs (string)" msgstr "ldap_user_extra_attrs (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:623 +#: sssd-ldap.5.xml:610 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." @@ -3830,7 +3934,7 @@ msgstr "" "plus des attributs utilisateur habituels." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:628 +#: sssd-ldap.5.xml:615 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -3840,7 +3944,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:625 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -3848,46 +3952,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 +#: sssd-ldap.5.xml:635 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "ldap_user_extra_attrs = telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:638 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:642 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "ldap_user_extra_attrs = phone:telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:645 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:655 msgid "ldap_user_ssh_public_key (string)" msgstr "ldap_user_ssh_public_key (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:671 +#: sssd-ldap.5.xml:658 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "L'attribut LDAP qui contient les clés publiques SSH de l'utilisateur." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:662 +#, fuzzy +#| msgid "Default: sudoRole" +msgid "Default: sshPublicKey" +msgstr "Par défaut : sudoRole" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:668 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:671 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -3900,12 +4011,12 @@ msgstr "" "utiliser un nom de domaine en majuscules." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:694 +#: sssd-ldap.5.xml:684 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 +#: sssd-ldap.5.xml:687 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -3914,12 +4025,12 @@ msgstr "" "d'actualiser son cache d\"énumération d'enregistrements." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:698 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 +#: sssd-ldap.5.xml:701 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -3930,55 +4041,57 @@ msgstr "" "jamais connectés) et de suppression pour économiser de l'espace." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:707 msgid "Setting this option to zero will disable the cache cleanup operation." msgstr "" "Mettre cette option à zéro désactive l'opération de nettoyage du cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:721 -msgid "Default: 10800 (12 hours)" +#: sssd-ldap.5.xml:711 +#, fuzzy +#| msgid "Default: 10800 (12 hours)" +msgid "Default: 10800 (3 hours)" msgstr "Par défaut : 1800 (12 heures)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:727 +#: sssd-ldap.5.xml:717 msgid "ldap_user_fullname (string)" msgstr "ldap_user_fullname (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:730 +#: sssd-ldap.5.xml:720 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "L'attribut LDAP correspondant au nom complet de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 sssd-ldap.5.xml:827 sssd-ldap.5.xml:1053 -#: sssd-ldap.5.xml:1144 sssd-ldap.5.xml:2084 sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:724 sssd-ldap.5.xml:817 sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1104 sssd-ldap.5.xml:2071 sssd-ldap.5.xml:2410 msgid "Default: cn" msgstr "Par défaut : cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:730 msgid "ldap_user_member_of (string)" msgstr "ldap_user_member_of (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:743 +#: sssd-ldap.5.xml:733 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" "L'attribut LDAP énumérant les groupes auquel appartient un utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:737 msgid "Default: memberOf" msgstr "Par défaut : memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:753 +#: sssd-ldap.5.xml:743 msgid "ldap_user_authorized_service (string)" msgstr "ldap_user_authorized_service (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:756 +#: sssd-ldap.5.xml:746 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -3989,7 +4102,7 @@ msgstr "" "l'utilisateur pour déterminer les autorisations d'accès." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:763 +#: sssd-ldap.5.xml:753 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." @@ -3998,7 +4111,7 @@ msgstr "" "autorisation explicite (svc) et enfin allow_all (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:758 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -4009,17 +4122,17 @@ msgstr "" "l'option ldap_user_authorized_service de fonctionner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:765 msgid "Default: authorizedService" msgstr "Par défaut : authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:771 msgid "ldap_user_authorized_host (string)" msgstr "ldap_user_authorized_host (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:784 +#: sssd-ldap.5.xml:774 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -4030,7 +4143,7 @@ msgstr "" "déterminer les autorisations d'accès." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:790 +#: sssd-ldap.5.xml:780 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." @@ -4039,7 +4152,7 @@ msgstr "" "autorisations explicites (host) et enfin toutes les autorisations (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:785 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -4050,77 +4163,67 @@ msgstr "" "ldap_user_authorized_host de fonctionner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:802 +#: sssd-ldap.5.xml:792 msgid "Default: host" msgstr "Par défaut : host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:798 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 +#: sssd-ldap.5.xml:801 msgid "The object class of a group entry in LDAP." msgstr "La classe d'objet d'une entrée de groupe dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:804 msgid "Default: posixGroup" msgstr "Par défaut : posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:810 msgid "ldap_group_name (string)" msgstr "ldap_group_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:823 +#: sssd-ldap.5.xml:813 msgid "The LDAP attribute that corresponds to the group name." msgstr "L'attribut LDAP correspondant au nom du groupe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:823 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:826 msgid "The LDAP attribute that corresponds to the group's id." msgstr "L'attribut LDAP correspondant à l'identifiant de groupe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:846 +#: sssd-ldap.5.xml:836 msgid "ldap_group_member (string)" msgstr "ldap_group_member (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:849 +#: sssd-ldap.5.xml:839 msgid "The LDAP attribute that contains the names of the group's members." msgstr "L'attribut LDAP contenant les noms des membres du groupe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:843 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "Par défaut : memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 -msgid "ldap_group_uuid (string)" -msgstr "ldap_group_uuid (chaîne)" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "L'attribut LDAP contenant les UUID/GUID d'un objet groupe LDAP." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:872 +#: sssd-ldap.5.xml:849 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:875 +#: sssd-ldap.5.xml:852 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." @@ -4129,24 +4232,24 @@ msgstr "" "n'est habituellement nécessaire que pour les serveurs Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:864 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:877 msgid "ldap_group_type (integer)" msgstr "ldap_group_type (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:880 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:885 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4154,17 +4257,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:914 +#: sssd-ldap.5.xml:891 msgid "Default: groupType in the AD provider, othewise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:921 +#: sssd-ldap.5.xml:898 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:924 +#: sssd-ldap.5.xml:901 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4176,7 +4279,7 @@ msgstr "" "schéma RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:908 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4186,7 +4289,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:940 +#: sssd-ldap.5.xml:917 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later it " @@ -4195,17 +4298,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:947 +#: sssd-ldap.5.xml:924 msgid "Default: 2" msgstr "Par défaut : 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:930 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "ldap_groups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:933 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -4217,7 +4320,7 @@ msgstr "" "complexes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:939 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." @@ -4227,7 +4330,7 @@ msgstr "" "imbrications très complexes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 sssd-ldap.5.xml:994 +#: sssd-ldap.5.xml:944 sssd-ldap.5.xml:971 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -4238,7 +4341,7 @@ msgstr "" "essentiellement « auto-detect »." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:950 sssd-ldap.5.xml:977 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -4251,18 +4354,18 @@ msgstr "" "documentation de MSDN(TM)</ulink> pour plus de détails." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 sssd-ldap.5.xml:1006 sssd-ldap.5.xml:1311 -#: sssd-ldap.5.xml:1332 sssd-ldap.5.xml:1838 include/ldap_id_mapping.xml:242 +#: sssd-ldap.5.xml:956 sssd-ldap.5.xml:983 sssd-ldap.5.xml:1271 +#: sssd-ldap.5.xml:1292 sssd-ldap.5.xml:1798 include/ldap_id_mapping.xml:242 msgid "Default: False" msgstr "Par défaut : False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:985 +#: sssd-ldap.5.xml:962 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "ldap_initgroups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:988 +#: sssd-ldap.5.xml:965 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -4274,83 +4377,88 @@ msgstr "" "complexes)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:989 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1015 +#: sssd-ldap.5.xml:992 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:997 sssd-ad.5.xml:742 sss_rpcidmapd.5.xml:76 +msgid "Default: True" +msgstr "Par défaut : True" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1003 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1006 msgid "The object class of a netgroup entry in LDAP." msgstr "La classe d'objet d'une entrée de netgroup dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1009 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" "Pour un fournisseur IPA, ipa_netgroup_object_class doit être utilisé à la " "place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1013 msgid "Default: nisNetgroup" msgstr "Par défaut : nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1019 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1045 +#: sssd-ldap.5.xml:1022 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "L'attribut LDAP correspondant au nom du netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1049 +#: sssd-ldap.5.xml:1026 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" "Dans le fournisseur IPA, ipa_netgroup_name doit être utilisé à la place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1059 +#: sssd-ldap.5.xml:1036 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1039 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "L'attribut LDAP contenant les noms des membres du netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 +#: sssd-ldap.5.xml:1043 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" "Dans le fournisseur IPA, ipa_netgroup_member doit être utilisé à la place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1047 msgid "Default: memberNisNetgroup" msgstr "Par défaut : memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1053 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1056 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" @@ -4358,59 +4466,42 @@ msgstr "" "netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1116 +#: sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1076 msgid "This option is not available in IPA provider." msgstr "Cette option n'est pas disponible dans le fournisseur IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1086 +#: sssd-ldap.5.xml:1063 msgid "Default: nisNetgroupTriple" msgstr "Par défaut : nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1092 -msgid "ldap_netgroup_uuid (string)" -msgstr "ldap_netgroup_uuid (chaîne)" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1095 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "L'attribut LDAP contenant les UUID/GUID d'un objet netgroup LDAP." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1099 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" -"Dans le fournisseur IPA, ipa_netgroup_uuid doit être utilisé à la place." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1109 +#: sssd-ldap.5.xml:1069 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_object_class (string)" msgstr "ldap_service_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1088 msgid "The object class of a service entry in LDAP." msgstr "La classe d'objet d'une entrée de service LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1091 msgid "Default: ipService" msgstr "Par défaut : ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1097 msgid "ldap_service_name (string)" msgstr "ldap_service_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1100 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." @@ -4419,48 +4510,48 @@ msgstr "" "alias." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1110 msgid "ldap_service_port (string)" msgstr "ldap_service_port (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1113 msgid "The LDAP attribute that contains the port managed by this service." msgstr "L'attribut LDAP qui contient le port géré par ce service." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1117 msgid "Default: ipServicePort" msgstr "Par défaut : ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1123 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1166 +#: sssd-ldap.5.xml:1126 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "L'attribut LDAP qui contient les protocoles compris par ce service." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1130 msgid "Default: ipServiceProtocol" msgstr "Par défaut : ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1176 +#: sssd-ldap.5.xml:1136 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1141 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -4471,7 +4562,7 @@ msgstr "" "activation du mode hors ligne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1190 +#: sssd-ldap.5.xml:1150 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -4482,12 +4573,12 @@ msgstr "" "différents types de recherches." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1162 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1205 +#: sssd-ldap.5.xml:1165 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -4498,12 +4589,12 @@ msgstr "" "résultats mis en cache (et activation du mode hors ligne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1178 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1181 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -4520,12 +4611,12 @@ msgstr "" "citerefentry> rendent la main en cas d'inactivité." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1204 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:1207 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -4536,12 +4627,12 @@ msgstr "" "contrôler le délai de communication avec le KDC dans le cas d'un appel SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1219 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1262 +#: sssd-ldap.5.xml:1222 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -4554,17 +4645,17 @@ msgstr "" "courte des deux valeurs entre celle-ci et la durée de vie TGT sera utilisée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:1230 sssd-ldap.5.xml:2228 msgid "Default: 900 (15 minutes)" msgstr "Par défaut : 900 (15 minutes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1236 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1239 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -4573,17 +4664,17 @@ msgstr "" "Certains serveurs LDAP imposent une limite maximale par requête." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1244 msgid "Default: 1000" msgstr "Par défaut : 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1250 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1293 +#: sssd-ldap.5.xml:1253 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -4595,7 +4686,7 @@ msgstr "" "correctement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1259 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -4605,7 +4696,7 @@ msgstr "" "sera impossible de l'utiliser." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1265 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -4616,17 +4707,17 @@ msgstr "" "cela peut entraîner l'échec de certaines demandes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1277 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1280 msgid "Disable Active Directory range retrieval." msgstr "Désactiver la récupération de plage Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1323 +#: sssd-ldap.5.xml:1283 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -4642,12 +4733,12 @@ msgstr "" "apparaissant ainsi sans aucun membre." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1298 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1301 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -4658,19 +4749,19 @@ msgstr "" "de cette option sont définies par OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1307 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Par défaut : Utiliser la valeur par défaut du système (généralement spécifié " "par ldap.conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1314 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1317 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -4681,7 +4772,7 @@ msgstr "" "membres manquants est inférieur, ils sont recherchés individuellement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1323 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" @@ -4689,7 +4780,7 @@ msgstr "" "affectant la valeur 0." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1327 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -4702,7 +4793,7 @@ msgstr "" "acceptés sont 389/RHDS, OpenLDAP et Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1335 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -4713,12 +4804,12 @@ msgstr "" "déréférencement est désactivée indépendamment de ce paramètre." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1348 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 +#: sssd-ldap.5.xml:1351 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -4727,7 +4818,7 @@ msgstr "" "session TLS, si elle existe. Une des valeurs suivantes est utilisable :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1397 +#: sssd-ldap.5.xml:1357 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -4736,7 +4827,7 @@ msgstr "" "quelconque certificat du serveur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1361 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -4747,7 +4838,7 @@ msgstr "" "certificat est fourni, il est ignoré et la session continue normalement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1368 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -4758,7 +4849,7 @@ msgstr "" "certificat est fourni, la session se termine immédiatement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1374 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -4769,22 +4860,22 @@ msgstr "" "immédiatement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1380 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> : identique à <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1424 +#: sssd-ldap.5.xml:1384 msgid "Default: hard" msgstr "Par défaut : hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1390 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1393 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -4793,7 +4884,7 @@ msgstr "" "certification que <command>sssd</command> reconnaîtra." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1438 sssd-ldap.5.xml:1456 sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1398 sssd-ldap.5.xml:1416 sssd-ldap.5.xml:1457 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -4802,12 +4893,12 @@ msgstr "" "<filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1445 +#: sssd-ldap.5.xml:1405 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1408 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -4821,32 +4912,32 @@ msgstr "" "corrects." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1463 +#: sssd-ldap.5.xml:1423 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1466 +#: sssd-ldap.5.xml:1426 msgid "Specifies the file that contains the certificate for the client's key." msgstr "Définit le fichier qui contient le certificat pour la clef du client." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1436 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1439 msgid "Specifies the file that contains the client's key." msgstr "Définit le fichier qui contient la clef du client." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1448 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1451 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -4858,12 +4949,12 @@ msgstr "" "manvolnum></citerefentry> pour le format." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1504 +#: sssd-ldap.5.xml:1464 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -4873,12 +4964,12 @@ msgstr "" "canal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1477 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1480 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -4890,19 +4981,19 @@ msgstr "" "ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1486 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "Cette fonctionnalité ne prend actuellement en charge que la correspondance " "par objectSID avec Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1496 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "ldap_min_id, ldap_max_id (entiers)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1499 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -4922,17 +5013,17 @@ msgstr "" "identifiants." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1511 msgid "Default: not set (both options are set to 0)" msgstr "Par défaut : non indiqué (les deux options sont à 0)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1517 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -4941,12 +5032,12 @@ msgstr "" "pris en charge." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1530 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1533 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -4960,17 +5051,17 @@ msgstr "" "exemple host/myhost)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1541 msgid "Default: host/hostname@REALM" msgstr "Par défaut : host/hostname@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1547 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1590 +#: sssd-ldap.5.xml:1550 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -4981,17 +5072,17 @@ msgstr "" "domaine, cette option est ignorée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1556 msgid "Default: the value of krb5_realm." msgstr "Par défaut : la valeur de krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1562 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1565 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -5000,34 +5091,34 @@ msgstr "" "le nom de l'hôte au cours d'une liaison SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1570 msgid "Default: false;" msgstr "Défaut : false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1576 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1619 +#: sssd-ldap.5.xml:1579 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "Définit le fichier keytab à utiliser pour utiliser SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1622 +#: sssd-ldap.5.xml:1582 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Par défaut : le fichier keytab du système, normalement <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1628 +#: sssd-ldap.5.xml:1588 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1631 +#: sssd-ldap.5.xml:1591 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5038,27 +5129,27 @@ msgstr "" "SASL est utilisé et que le mécanisme choisi est GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1643 +#: sssd-ldap.5.xml:1603 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1606 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "Définit la durée de vie, en secondes, des TGT si GSSAPI est utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 sssd-ad.5.xml:383 +#: sssd-ldap.5.xml:1610 sssd-ad.5.xml:728 msgid "Default: 86400 (24 hours)" msgstr "Par défaut : 86400 (24 heures)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 +#: sssd-ldap.5.xml:1619 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5078,7 +5169,7 @@ msgstr "" "SERVICES</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1671 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1631 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5089,7 +5180,7 @@ msgstr "" "comme protocole, et passe sur _tcp si aucune entrée n'est trouvée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1636 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5101,29 +5192,29 @@ msgstr "" "l'utilisation de <quote>krb5_server</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1645 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1688 +#: sssd-ldap.5.xml:1648 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "Définit le DOMAINE de Kerberos (pour l'authentification SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1651 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Par défaut : valeur par défaut du système, voir <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1697 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1657 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1660 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -5133,12 +5224,12 @@ msgstr "" "Kerberos > = 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1712 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1672 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1715 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1675 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5153,7 +5244,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1726 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1686 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5165,12 +5256,12 @@ msgstr "" "localisation." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1740 +#: sssd-ldap.5.xml:1700 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1703 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -5179,7 +5270,7 @@ msgstr "" "valeurs suivantes sont acceptées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1708 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -5188,7 +5279,7 @@ msgstr "" "peut pas désactiver la politique sur les mots de passe du côté serveur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1753 +#: sssd-ldap.5.xml:1713 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5199,7 +5290,7 @@ msgstr "" "manvolnum></citerefentry> pour évaluer si le mot de passe a expiré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1759 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5211,24 +5302,24 @@ msgstr "" "est changé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1768 +#: sssd-ldap.5.xml:1728 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1736 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1739 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "Définit si le déréférencement automatique doit être activé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1743 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -5237,7 +5328,7 @@ msgstr "" "compilé avec OpenLDAP version 2.4.13 ou supérieur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1788 +#: sssd-ldap.5.xml:1748 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5251,29 +5342,29 @@ msgstr "" "permettre d'améliorer de façon notable les performances." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1762 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 +#: sssd-ldap.5.xml:1765 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Définit le nom de service à utiliser quand la découverte de services est " "activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1809 +#: sssd-ldap.5.xml:1769 msgid "Default: ldap" msgstr "Par défaut : ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1775 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1778 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -5282,19 +5373,19 @@ msgstr "" "un changement de mot de passe quand la découverte de services est activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1823 +#: sssd-ldap.5.xml:1783 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" "Par défaut : non défini, c'est-à-dire que le service de découverte est " "désactivé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1789 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1792 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -5304,12 +5395,12 @@ msgstr "" "de passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1804 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1847 +#: sssd-ldap.5.xml:1807 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5325,12 +5416,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1867 +#: sssd-ldap.5.xml:1827 msgid "Example:" msgstr "Exemple:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1870 +#: sssd-ldap.5.xml:1830 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5339,14 +5430,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1874 +#: sssd-ldap.5.xml:1834 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1839 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5358,17 +5449,17 @@ msgstr "" "Si tel était le cas, l'accès sera conservé en mode hors-ligne et vice-versa." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1887 sssd-ldap.5.xml:1944 +#: sssd-ldap.5.xml:1847 sssd-ldap.5.xml:1904 msgid "Default: Empty" msgstr "Par défaut : vide" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1853 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1856 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -5377,7 +5468,7 @@ msgstr "" "être activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:1860 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5389,12 +5480,12 @@ msgstr "" "correct." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1907 +#: sssd-ldap.5.xml:1867 msgid "The following values are allowed:" msgstr "Les valeurs suivantes sont autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1910 +#: sssd-ldap.5.xml:1870 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -5403,7 +5494,7 @@ msgstr "" "pour déterminer si le compte a expiré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1875 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5416,7 +5507,7 @@ msgstr "" "d'expiration du compte est aussi vérifiée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1922 +#: sssd-ldap.5.xml:1882 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5427,7 +5518,7 @@ msgstr "" "l'accès est autorisé ou non." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1928 +#: sssd-ldap.5.xml:1888 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5440,7 +5531,7 @@ msgstr "" "est autorisé. Si les deux attributs sont manquants, l'accès est autorisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1897 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5451,29 +5542,37 @@ msgstr "" "ldap_account_expire_policy de fonctionner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1910 msgid "ldap_access_order (string)" msgstr "ldap_access_order (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1953 +#: sssd-ldap.5.xml:1913 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Liste séparées par des virgules des options de contrôles d'accès. Les " "valeurs autorisées sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1917 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis> : utiliser ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:1920 +msgid "" +"<emphasis>lockout</emphasis>: use account locking. If set, this option " +"denies access in case that ldap attribute 'pwdAccountLockedTime' is present " +"and has value of '000001010000Z'. Please see the option ldap_pwdlockout_dn." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1927 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: utiliser ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1931 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -5482,18 +5581,18 @@ msgstr "" "authorizedService pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1969 +#: sssd-ldap.5.xml:1936 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis> : utilise l'attribut host pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:1940 msgid "Default: filter" msgstr "Par défaut : filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1943 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -5502,12 +5601,38 @@ msgstr "" "de configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1983 +#: sssd-ldap.5.xml:1950 +#, fuzzy +#| msgid "ldap_pwd_policy (string)" +msgid "ldap_pwdlockout_dn (string)" +msgstr "ldap_pwd_policy (chaîne)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1953 +msgid "" +"This option specifies the DN of password policy entry on LDAP server. Please " +"note that absence of this option in sssd.conf in case of enabled account " +"lockout checking will yield access denied as ppolicy attributes on LDAP " +"server cannot be checked properly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1961 +msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1964 +msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1970 msgid "ldap_deref (string)" msgstr "ldap_deref (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:1973 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -5516,12 +5641,12 @@ msgstr "" "recherche. Les options suivantes sont autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:1978 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis> : les alias ne sont jamais déréférencés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:1982 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -5531,7 +5656,7 @@ msgstr "" "recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:1987 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -5540,7 +5665,7 @@ msgstr "" "la localisation de l'objet de base de la recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2005 +#: sssd-ldap.5.xml:1992 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -5549,7 +5674,7 @@ msgstr "" "recherche et et la localisation de l'objet de base de la recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2010 +#: sssd-ldap.5.xml:1997 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -5558,12 +5683,12 @@ msgstr "" "bibliothèques clientes LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2018 +#: sssd-ldap.5.xml:2005 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2008 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -5572,7 +5697,7 @@ msgstr "" "LDAP pour les serveurs qui utilisent le schéma RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2012 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -5590,7 +5715,7 @@ msgstr "" "initgoups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2036 +#: sssd-ldap.5.xml:2023 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -5616,12 +5741,12 @@ msgstr "" "détails. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2052 +#: sssd-ldap.5.xml:2039 msgid "SUDO OPTIONS" msgstr "OPTIONS DE SUDO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2054 +#: sssd-ldap.5.xml:2041 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -5629,52 +5754,52 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2052 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2055 msgid "The object class of a sudo rule entry in LDAP." msgstr "La classe d'objet d'une entrée de règle de sudo dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2071 +#: sssd-ldap.5.xml:2058 msgid "Default: sudoRole" msgstr "Par défaut : sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2064 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2067 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "L'attribut LDAP qui correspond au nom de la règle de sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2090 +#: sssd-ldap.5.xml:2077 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2080 msgid "The LDAP attribute that corresponds to the command name." msgstr "L'attribut LDAP qui correspond au nom de la commande." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2097 +#: sssd-ldap.5.xml:2084 msgid "Default: sudoCommand" msgstr "Par défaut : sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2103 +#: sssd-ldap.5.xml:2090 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2093 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -5683,17 +5808,17 @@ msgstr "" "réseau IP de l'hôte ou netgroup de l'hôte)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2111 +#: sssd-ldap.5.xml:2098 msgid "Default: sudoHost" msgstr "Par défaut : sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2117 +#: sssd-ldap.5.xml:2104 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2120 +#: sssd-ldap.5.xml:2107 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -5702,32 +5827,32 @@ msgstr "" "groupe ou netgroup de l'utilisateur)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2111 msgid "Default: sudoUser" msgstr "Par défaut : sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2130 +#: sssd-ldap.5.xml:2117 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2133 +#: sssd-ldap.5.xml:2120 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "L'attribut LDAP qui correspond aux options sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2137 +#: sssd-ldap.5.xml:2124 msgid "Default: sudoOption" msgstr "Par défaut : sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2143 +#: sssd-ldap.5.xml:2130 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2146 +#: sssd-ldap.5.xml:2133 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." @@ -5736,17 +5861,17 @@ msgstr "" "nom d'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2150 +#: sssd-ldap.5.xml:2137 msgid "Default: sudoRunAsUser" msgstr "Par défaut : sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2143 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2146 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -5755,17 +5880,17 @@ msgstr "" "les commandes seront être exécutées." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2150 msgid "Default: sudoRunAsGroup" msgstr "Par défaut : sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2156 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2159 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." @@ -5774,17 +5899,17 @@ msgstr "" "règle sudo est valide." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2176 +#: sssd-ldap.5.xml:2163 msgid "Default: sudoNotBefore" msgstr "Par défaut : sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2182 +#: sssd-ldap.5.xml:2169 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2172 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." @@ -5793,32 +5918,32 @@ msgstr "" "règle sudo ne sera plus valide." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2177 msgid "Default: sudoNotAfter" msgstr "Par défaut : sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2183 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2199 +#: sssd-ldap.5.xml:2186 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "L'attribut LDAP qui correspond à l'index de tri de la règle." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2203 +#: sssd-ldap.5.xml:2190 msgid "Default: sudoOrder" msgstr "Par défaut : sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:2196 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2199 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -5828,7 +5953,7 @@ msgstr "" "règles qui sont stockées sur le serveur)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2204 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -5837,17 +5962,17 @@ msgstr "" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2209 msgid "Default: 21600 (6 hours)" msgstr "Par défaut : 21600 (6 heures)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2215 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2218 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -5859,7 +5984,7 @@ msgstr "" "cache)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2237 +#: sssd-ldap.5.xml:2224 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -5868,12 +5993,12 @@ msgstr "" "modifyTimestamp est utilisé à la place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2234 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2237 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -5883,12 +6008,12 @@ msgstr "" "noms de systèmes)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2248 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2264 +#: sssd-ldap.5.xml:2251 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -5897,7 +6022,7 @@ msgstr "" "doivent être utilisés pour filtrer les règles." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2256 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -5906,8 +6031,8 @@ msgstr "" "nom de système et le nom de domaine pleinement qualifié." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2315 -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2261 sssd-ldap.5.xml:2284 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2320 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -5916,17 +6041,17 @@ msgstr "" "emphasis>, alors cette option n'a aucun effet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2279 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2266 sssd-ldap.5.xml:2289 msgid "Default: not specified" msgstr "Par défaut : non spécifié" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2272 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2288 +#: sssd-ldap.5.xml:2275 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -5935,7 +6060,7 @@ msgstr "" "IPv6 qui doivent être utilisés pour filtrer les règles." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2293 +#: sssd-ldap.5.xml:2280 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -5944,12 +6069,12 @@ msgstr "" "automatiquement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2295 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2311 +#: sssd-ldap.5.xml:2298 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -5958,12 +6083,12 @@ msgstr "" "netgroup dans l'attribut sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2326 +#: sssd-ldap.5.xml:2313 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2316 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -5972,7 +6097,7 @@ msgstr "" "un joker dans l'attribut sudoHost." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2345 +#: sssd-ldap.5.xml:2332 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -5985,12 +6110,12 @@ msgstr "" "manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2342 msgid "AUTOFS OPTIONS" msgstr "OPTIONS AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2344 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." @@ -5999,63 +6124,63 @@ msgstr "" "qui est RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2350 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2366 +#: sssd-ldap.5.xml:2353 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2369 +#: sssd-ldap.5.xml:2356 msgid "Default: auto.master" msgstr "Par défaut : auto.master" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2376 +#: sssd-ldap.5.xml:2363 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2379 sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2392 msgid "The object class of an automount map entry in LDAP." msgstr "" "La classe d'objet d'une entrée de table de montage automatique dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2369 sssd-ldap.5.xml:2396 msgid "Default: automountMap" msgstr "Par défaut : automountMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2376 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2379 msgid "The name of an automount map entry in LDAP." msgstr "Le nom d'une entrée de table de montage automatique dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2382 msgid "Default: ou" msgstr "Par défaut : ou" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2402 +#: sssd-ldap.5.xml:2389 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2416 +#: sssd-ldap.5.xml:2403 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2419 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:2406 sssd-ldap.5.xml:2420 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -6064,17 +6189,17 @@ msgstr "" "généralement à un point de montage." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2430 +#: sssd-ldap.5.xml:2417 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2437 +#: sssd-ldap.5.xml:2424 msgid "Default: automountInformation" msgstr "Par défaut : automountInformation" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2348 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6087,37 +6212,37 @@ msgstr "" "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2434 msgid "ADVANCED OPTIONS" msgstr "OPTIONS AVANCÉES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2441 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2459 +#: sssd-ldap.5.xml:2446 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2451 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2469 +#: sssd-ldap.5.xml:2456 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2461 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2449 +#: sssd-ldap.5.xml:2436 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6129,7 +6254,7 @@ msgstr "" "\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2491 +#: sssd-ldap.5.xml:2478 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6140,7 +6265,7 @@ msgstr "" "replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2484 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -6160,20 +6285,20 @@ msgstr "" " cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2496 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 -#: sssd-ad.5.xml:455 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2483 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 +#: sssd-ad.5.xml:800 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2509 sssd_krb5_locator_plugin.8.xml:61 -#: sssd-simple.5.xml:148 sssd-ad.5.xml:470 sssd.8.xml:191 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2496 sssd_krb5_locator_plugin.8.xml:61 +#: sssd-simple.5.xml:148 sssd-ad.5.xml:815 sssd.8.xml:195 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2498 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -6795,7 +6920,7 @@ msgstr "" "identifier l'hôte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:320 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:665 msgid "dyndns_update (boolean)" msgstr "dyndns_update (booléen)" @@ -6815,7 +6940,7 @@ msgstr "" "l'utilisation de l'option <quote>dyndns_iface</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:334 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:679 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -6837,12 +6962,12 @@ msgstr "" "configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:345 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:690 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:348 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:693 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -6869,12 +6994,12 @@ msgid "Default: 1200 (seconds)" msgstr "Par défaut : 1200 (secondes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:359 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:704 msgid "dyndns_iface (string)" msgstr "dyndns_iface (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:362 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:707 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -6931,12 +7056,12 @@ msgstr "" "seront utilisés comme serveurs de repli" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:373 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:718 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:376 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:721 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -6948,12 +7073,12 @@ msgstr "" "configurée à true." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:389 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:734 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:392 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:737 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -6978,12 +7103,12 @@ msgid "Default: False (disabled)" msgstr "Par défaut : False (désactivé)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:403 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:748 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:406 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:751 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -6992,7 +7117,7 @@ msgstr "" "communication avec le serveur DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:410 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:755 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Par défaut : False (laisser nsupdate choisir le protocole)" @@ -7098,7 +7223,7 @@ msgid "" msgstr "Vérifie avec l'aide de krb5_keytab que le TGT obtenu n'est pas usurpé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:359 sssd-ad.5.xml:776 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -7204,7 +7329,7 @@ msgstr "" "beaucoup de requêtes de contrôle d'accès sur une courte période." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 sssd-ad.5.xml:330 msgid "Default: 5 (seconds)" msgstr "Par défaut : 5 (secondes)" @@ -7738,8 +7863,407 @@ msgstr "" msgid "Default: permissive" msgstr "Par défaut : permissive" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:320 +#, fuzzy +#| msgid "ldap_purge_cache_timeout (integer)" +msgid "ad_gpo_cache_timeout (integer)" +msgstr "ldap_purge_cache_timeout (entier)" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:323 +#, fuzzy +#| msgid "" +#| "The amount of time between lookups of the HBAC rules against the IPA " +#| "server. This will reduce the latency and load on the IPA server if there " +#| "are many access-control requests made in a short period." +msgid "" +"The amount of time between lookups of GPO policy files against the AD " +"server. This will reduce the latency and load on the AD server if there are " +"many access-control requests made in a short period." +msgstr "" +"Le temps entre deux recherches de règles HBAC sur un serveur IPA. Cela " +"permet de réduire le temps de latence et la charge du serveur IPA si il y a " +"beaucoup de requêtes de contrôle d'accès sur une courte période." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:336 +#, fuzzy +#| msgid "ad_domain (string)" +msgid "ad_gpo_map_interactive (string)" +msgstr "ad_domain (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:339 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the InteractiveLogonRight and " +"DenyInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:354 +#, no-wrap +msgid "" +" ad_gpo_map_interactive = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:345 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>login</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:358 sssd-ad.5.xml:423 sssd-ad.5.xml:458 sssd-ad.5.xml:498 +#: sssd-ad.5.xml:559 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:362 +#, fuzzy +#| msgid "login UID" +msgid "login" +msgstr "UID de l'utilisateur" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:367 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:372 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:377 +msgid "gdm-fingerprint" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:382 +#, fuzzy +#| msgid "password" +msgid "gdm-password" +msgstr "password" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:387 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:392 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:401 +#, fuzzy +#| msgid "ldap_user_shadow_inactive (string)" +msgid "ad_gpo_map_remote_interactive (string)" +msgstr "ldap_user_shadow_inactive (chaîne)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:404 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the RemoteInteractiveLogonRight and " +"DenyRemoteInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:419 +#, no-wrap +msgid "" +" ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:410 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>sshd</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:427 +msgid "sshd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:436 +#, fuzzy +#| msgid "ad_gpo_access_control (string)" +msgid "ad_gpo_map_network (string)" +msgstr "ad_gpo_access_control (chaîne)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:439 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the NetworkLogonRight and " +"DenyNetworkLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:454 +#, no-wrap +msgid "" +" ad_gpo_map_network = +my_pam_service, -ftp\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>ftp</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:462 +msgid "ftp" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:467 +msgid "samba" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:476 +#, fuzzy +#| msgid "ad_domain (string)" +msgid "ad_gpo_map_batch (string)" +msgstr "ad_domain (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:479 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " +"policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:494 +#, no-wrap +msgid "" +" ad_gpo_map_batch = +my_pam_service, -crond\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:485 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>crond</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:502 +msgid "crond" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:511 +#, fuzzy +#| msgid "ldap_service_name (string)" +msgid "ad_gpo_map_service (string)" +msgstr "ldap_service_name (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:514 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the ServiceLogonRight and " +"DenyServiceLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:528 +#, no-wrap +msgid "" +" ad_gpo_map_service = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:520 sssd-ad.5.xml:585 +msgid "" +"It is possible to add a PAM service name to the default set by using <quote>" +"+service_name</quote>. Since the default set is empty, it is not possible " +"to remove a PAM service name from the default set. For example, in order to " +"add a custom pam service name (e.g. <quote>my_pam_service</quote>), you " +"would use the following configuration: <placeholder type=\"programlisting\" " +"id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:538 +#, fuzzy +#| msgid "ad_domain (string)" +msgid "ad_gpo_map_permit (string)" +msgstr "ad_domain (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:541 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always granted, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:555 +#, no-wrap +msgid "" +" ad_gpo_map_permit = +my_pam_service, -sudo\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:546 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for unconditionally permitted " +"access (e.g. <quote>sudo</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:563 +#, fuzzy +#| msgid "sssd-sudo" +msgid "sudo" +msgstr "sssd-sudo" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:568 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:577 +#, fuzzy +#| msgid "ad_domain (string)" +msgid "ad_gpo_map_deny (string)" +msgstr "ad_domain (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:580 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always denied, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:593 +#, no-wrap +msgid "" +" ad_gpo_map_deny = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:603 +#, fuzzy +#| msgid "ldap_default_authtok (string)" +msgid "ad_gpo_default_right (string)" +msgstr "ldap_default_authtok (chaîne)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:606 +msgid "" +"This option defines how access control is evaluated for PAM service names " +"that are not explicitly listed in one of the ad_gpo_map_* options. This " +"option can be set in two different manners. First, this option can be set to " +"use a default logon right. For example, if this option is set to " +"'interactive', it means that unmapped PAM service names will be processed " +"based on the InteractiveLogonRight and DenyInteractiveLogonRight policy " +"settings. Alternatively, this option can be set to either always permit or " +"always deny access for unmapped PAM service names." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:619 +msgid "Supported values for this option include:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:623 +msgid "interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:628 +msgid "remote_interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:633 +msgid "network" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:638 +msgid "batch" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:643 +#, fuzzy +#| msgid "services" +msgid "service" +msgstr "services" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:648 +msgid "permit" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:653 +msgid "deny" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:659 +#, fuzzy +#| msgid "Default: cn" +msgid "Default: deny" +msgstr "Par défaut : cn" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:668 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -7757,22 +8281,22 @@ msgstr "" "<quote>dyndns_iface</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:353 +#: sssd-ad.5.xml:698 msgid "Default: 3600 (seconds)" msgstr "Par défaut : 3600 (secondes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:712 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "Par défaut : utilise l'adresse IP de la connexion LDAP AD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:419 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:764 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "krb5_use_enterprise_principal (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:422 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:767 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." @@ -7782,7 +8306,7 @@ msgstr "" "principals d'entreprise." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:449 +#: sssd-ad.5.xml:794 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -7793,7 +8317,7 @@ msgstr "" "exemples montrent seulement les options spécifiques au fournisseur AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:456 +#: sssd-ad.5.xml:801 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -7817,7 +8341,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:476 +#: sssd-ad.5.xml:821 #, no-wrap msgid "" "access_provider = ldap\n" @@ -7829,7 +8353,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:817 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -7840,10 +8364,18 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:482 +#: sssd-ad.5.xml:827 +#, fuzzy +#| msgid "" +#| "However, unless the <quote>ad</quote> access control provider is " +#| "explicitly configured, the default access provider is <quote>permit</" +#| "quote>." msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " -"configured, the default access provider is <quote>permit</quote>." +"configured, the default access provider is <quote>permit</quote>. Please " +"note that if you configure an access provider other than <quote>ad</quote>, " +"you need to set all the connection parameters (such as LDAP URIs and " +"encryption details) manually." msgstr "" "Cependant, à moins que le fournisseur de contrôle d'accès <quote>ad</quote> " "soit explicitement configué, le fournisseur de contrôle d'accès par défaut " @@ -8322,28 +8854,33 @@ msgstr "SIGUSR1" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." +"Tells the SSSD to simulate offline operation for the duration of the " +"<quote>offline_timeout</quote> parameter. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" -"Précise à SSSD de simuler une opération hors-ligne pendant une minute. C'est " -"surtout utile pour faire des tests." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 +#: sssd.8.xml:182 msgid "SIGUSR2" msgstr "SIGUSR2" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 +#: sssd.8.xml:185 +#, fuzzy +#| msgid "" +#| "Tells the SSSD to go online immediately. This is mostly useful for " +#| "testing purposes." msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." +"Tells the SSSD to go online immediately. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" "Précise à SSSD de passer en mode hors-ligne immédiatement. C'est surtout " "utile pour faire des tests." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 +#: sssd.8.xml:197 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -9759,6 +10296,45 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:162 +#, fuzzy +#| msgid "" +#| "<option>-u</option>,<option>--user</option> <replaceable>login</" +#| "replaceable>" +msgid "" +"<option>-h</option>,<option>--ssh-host</option> <replaceable>hostname</" +"replaceable>" +msgstr "" +"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:167 +#, fuzzy +#| msgid "Invalidate specific user." +msgid "Invalidate SSH public keys of a specific host." +msgstr "Invalider un utilisateur spécifique." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:173 +#, fuzzy +#| msgid "<option>-s</option>,<option>--stdin</option>" +msgid "<option>-H</option>,<option>--ssh-hosts</option>" +msgstr "<option>-s</option>,<option>--stdin</option>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:177 +#, fuzzy +#| msgid "" +#| "Invalidate all autofs maps. This option overrides invalidation of " +#| "specific map if it was also set." +msgid "" +"Invalidate SSH public keys of all hosts. This option overrides invalidation " +"of SSH public keys of specific host if it was also set." +msgstr "" +"Invalider toutes les cartes autofs. Cette option remplace l'invalidation de " +"carte spécifique s'elle a également été définie." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:185 msgid "" "<option>-d</option>,<option>--domain</option> <replaceable>domain</" "replaceable>" @@ -9767,7 +10343,7 @@ msgstr "" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_cache.8.xml:167 +#: sss_cache.8.xml:190 msgid "Restrict invalidation process only to a particular domain." msgstr "Restreindre le processus d'invalidation à un domaine particulier." @@ -10104,6 +10680,182 @@ msgstr "" msgid "Default: not set. Only the default set of POSIX attributes is allowed." msgstr "" +#. type: Content of: <reference><refentry><refentryinfo> +#: sss_rpcidmapd.5.xml:8 +msgid "" +"<productname>sss rpc.idmapd plugin</productname> <author> <firstname>Noam</" +"firstname> <surname>Meltzer</surname> <affiliation> <orgname>Primary Data " +"Inc.</orgname> </affiliation> <contrib>Developer (2013-2014)</contrib> </" +"author> <author> <firstname>Noam</firstname> <surname>Meltzer</surname> " +"<contrib>Developer (2014-)</contrib> <email>tsnoam@gmail.com</email> </" +"author>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_rpcidmapd.5.xml:26 sss_rpcidmapd.5.xml:32 +#, fuzzy +#| msgid "sss_groupmod" +msgid "sss_rpcidmapd" +msgstr "sss_groupmod" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_rpcidmapd.5.xml:33 +msgid "sss plugin configuration directives for rpc.idmapd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:37 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "CONFIGURATION FILE" +msgstr "OPTIONS DE CONFIGURATION" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:39 +#, fuzzy +#| msgid "" +#| "Specifies acceptable cipher suites. Typically this is a colon sperated " +#| "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " +#| "<manvolnum>5</manvolnum></citerefentry> for format." +msgid "" +"rpc.idmapd configuration file is usually found at <emphasis>/etc/idmapd." +"conf</emphasis>. See <citerefentry> <refentrytitle>idmapd.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more information." +msgstr "" +"Définit les algorithmes de chiffrement acceptables. Généralement sous la " +"forme d'une liste séparée par des deux-points. Cf. " +"<citerefentry><refentrytitle>ldap.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> pour le format." + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:49 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "SSS CONFIGURATION EXTENSION" +msgstr "OPTIONS DE CONFIGURATION" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:51 +msgid "Enable SSS plugin" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:53 +msgid "" +"In section <quote>[Translation]</quote>, modify/set <quote>Method</quote> " +"attribute to contain <emphasis>sss</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:59 +#, fuzzy +#| msgid "The [sssd] section" +msgid "[sss] config section" +msgstr "La section [sssd]" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:61 +msgid "" +"In order to change the default of one of the configuration attributes of the " +"<emphasis>sss</emphasis> plugin listed below you will need to create a " +"config section for it, named <quote>[sss]</quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> +#: sss_rpcidmapd.5.xml:67 +#, fuzzy +#| msgid "Configuration" +msgid "Configuration attributes" +msgstr "Configuration" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sss_rpcidmapd.5.xml:69 +#, fuzzy +#| msgid "enumerate (bool)" +msgid "memcache (bool)" +msgstr "enumerate (booléen)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sss_rpcidmapd.5.xml:72 +msgid "Indicates whether or not to use memcache optimisation technique." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:85 +msgid "SSSD INTEGRATION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:87 +msgid "" +"The sss plugin requires the <emphasis>NSS Responder</emphasis> to be enabled " +"in sssd." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:91 +msgid "" +"The attribute <quote>use_fully_qualified_names</quote> must be enabled on " +"all domains (NFSv4 clients expect a fully qualified name to be sent on the " +"wire)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_rpcidmapd.5.xml:103 +#, no-wrap +msgid "" +"[General]\n" +"Verbosity = 2\n" +"# domain must be synced between NFSv4 server and clients\n" +"# Solaris/Illumos/AIX use \"localdomain\" as default!\n" +"Domain = default\n" +"\n" +"[Mapping]\n" +"Nobody-User = nfsnobody\n" +"Nobody-Group = nfsnobody\n" +"\n" +"[Translation]\n" +"Method = sss\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:100 +#, fuzzy +#| msgid "" +#| "The following expansions are supported: <placeholder type=\"variablelist" +#| "\" id=\"0\"/>" +msgid "" +"The following example shows a minimal idmapd.conf which makes use of the sss " +"plugin. <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" +"Les expansions suivantes sont prises en charge : <placeholder type=" +"\"variablelist\" id=\"0\"/>" + +#. type: Content of: <refsect1><title> +#: sss_rpcidmapd.5.xml:120 include/seealso.xml:2 +msgid "SEE ALSO" +msgstr "VOIR AUSSI" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:122 +#, fuzzy +#| msgid "" +#| "This manual page describes how to configure <citerefentry> " +#| "<refentrytitle>sudo</refentrytitle> <manvolnum>8</manvolnum> </" +#| "citerefentry> to work with <citerefentry> <refentrytitle>sssd</" +#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> and how SSSD " +#| "caches sudo rules." +msgid "" +"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>idmapd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>" +msgstr "" +"Cette page de manuel décrit comment configurer " +"<citerefentry><refentrytitle>sudo</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> pour travailler avec <citerefentry><refentrytitle>sssd</" +"refentrytitle> <manvolnum>8</manvolnum></citerefentry> et comment SSSD met " +"en cache les règles sudo." + #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 msgid "sss_ssh_authorizedkeys" @@ -11159,13 +11911,49 @@ msgstr "" "command> et <command>sss_group *</command> utilisent alors un stockage local " "de type LDB pour les utilisateurs et les groupes." -#. type: Content of: <refsect1><title> -#: include/seealso.xml:2 -msgid "SEE ALSO" -msgstr "VOIR AUSSI" - #. type: Content of: <refsect1><para> #: include/seealso.xml:4 +#, fuzzy +#| msgid "" +#| "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</" +#| "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" +#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" +#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sssd-simple</refentrytitle><manvolnum>5</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sssd-ipa</" +#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sssd-ad</refentrytitle><manvolnum>5</manvolnum> </" +#| "citerefentry>, <phrase condition=\"with_sudo\"> <citerefentry> " +#| "<refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry>, </phrase> <citerefentry> <refentrytitle>sss_cache</" +#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sss_debuglevel</refentrytitle><manvolnum>8</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" +#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" +#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" +#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" +#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sss_obfuscate</refentrytitle><manvolnum>8</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sss_seed</" +#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sssd_krb5_locator_plugin</refentrytitle><manvolnum>8</" +#| "manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> " +#| "<citerefentry> <refentrytitle>sss_ssh_authorizedkeys</refentrytitle> " +#| "<manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</" +#| "manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> " +#| "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" +#| "manvolnum> </citerefentry>, </phrase> <citerefentry> " +#| "<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" +#| "citerefentry>." msgid "" "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" @@ -11204,7 +11992,9 @@ msgid "" "manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> " "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>. <citerefentry> " +"<refentrytitle>sss_rpcidmapd</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>" msgstr "" "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" @@ -11404,3 +12194,49 @@ msgstr "" #: include/homedir_substring.xml:15 msgid "Default: /home" msgstr "Par défaut : /home" + +#~ msgid "" +#~ "If SSSD is in offline mode, and last attempt to go online was less than " +#~ "number of seconds specified in this option ago, new requests for data " +#~ "will not result in attempt to go online." +#~ msgstr "" +#~ "Si SSSD est en mode hors-ligne, et que la dernière tentative de passage " +#~ "en mode en ligne date de moins que le nombre de secondes indiqué dans " +#~ "cette option, les nouvelles demandes de données n'entraineront pas de " +#~ "tentative de mise en ligne." + +#~ msgid "ldap_user_uuid (string)" +#~ msgstr "ldap_user_uuid (chaîne)" + +#~ msgid "" +#~ "The LDAP attribute that contains the UUID/GUID of an LDAP user object." +#~ msgstr "" +#~ "L'attribut LDAP qui contient les UUID/GUID d'un objet LDAP utilisateur." + +#~ msgid "Default: nsUniqueId" +#~ msgstr "Par défaut : nsUniqueId" + +#~ msgid "ldap_group_uuid (string)" +#~ msgstr "ldap_group_uuid (chaîne)" + +#~ msgid "" +#~ "The LDAP attribute that contains the UUID/GUID of an LDAP group object." +#~ msgstr "L'attribut LDAP contenant les UUID/GUID d'un objet groupe LDAP." + +#~ msgid "ldap_netgroup_uuid (string)" +#~ msgstr "ldap_netgroup_uuid (chaîne)" + +#~ msgid "" +#~ "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." +#~ msgstr "L'attribut LDAP contenant les UUID/GUID d'un objet netgroup LDAP." + +#~ msgid "In IPA provider, ipa_netgroup_uuid should be used instead." +#~ msgstr "" +#~ "Dans le fournisseur IPA, ipa_netgroup_uuid doit être utilisé à la place." + +#~ msgid "" +#~ "Tells the SSSD to simulate offline operation for one minute. This is " +#~ "mostly useful for testing purposes." +#~ msgstr "" +#~ "Précise à SSSD de simuler une opération hors-ligne pendant une minute. " +#~ "C'est surtout utile pour faire des tests." diff --git a/src/man/po/ja.po b/src/man/po/ja.po index 8c18cb60b..2b16e9c6d 100644 --- a/src/man/po/ja.po +++ b/src/man/po/ja.po @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2014-07-09 19:18+0300\n" +"POT-Creation-Date: 2014-09-08 20:55+0300\n" "PO-Revision-Date: 2014-06-04 18:04+0000\n" "Last-Translator: jhrozek <jhrozek@redhat.com>\n" "Language-Team: Japanese (http://www.transifex.com/projects/p/sssd/language/" @@ -28,8 +28,8 @@ msgstr "" #: sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 #: sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 #: sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5 -#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_ssh_authorizedkeys.1.xml:5 -#: sss_ssh_knownhostsproxy.1.xml:5 +#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_rpcidmapd.5.xml:5 +#: sss_ssh_authorizedkeys.1.xml:5 sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" msgstr "SSSD マニュアル ページ" @@ -139,14 +139,14 @@ msgstr "sssd.conf" #. type: Content of: <reference><refentry><refmeta><manvolnum> #: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 #: sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11 -#: sssd-ifp.5.xml:11 +#: sssd-ifp.5.xml:11 sss_rpcidmapd.5.xml:27 msgid "5" msgstr "5" #. type: Content of: <reference><refentry><refmeta><refmiscinfo> #: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 #: sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12 -#: sssd-ifp.5.xml:12 +#: sssd-ifp.5.xml:12 sss_rpcidmapd.5.xml:28 msgid "File Formats and Conventions" msgstr "ファイル形式および変換" @@ -252,11 +252,11 @@ msgid "Add a timestamp to the debug messages" msgstr "デバッグメッセージに日時を追加します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:79 sssd.conf.5.xml:511 sssd.conf.5.xml:873 -#: sssd-ldap.5.xml:1637 sssd-ldap.5.xml:1734 sssd-ldap.5.xml:1796 -#: sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2320 sssd-ldap.5.xml:2338 +#: sssd.conf.5.xml:79 sssd.conf.5.xml:554 sssd.conf.5.xml:916 +#: sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1756 +#: sssd-ldap.5.xml:2242 sssd-ldap.5.xml:2307 sssd-ldap.5.xml:2325 #: sssd-ipa.5.xml:356 sssd-ipa.5.xml:391 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:339 sssd-ad.5.xml:428 sssd-krb5.5.xml:490 +#: sssd-ad.5.xml:684 sssd-ad.5.xml:773 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "初期値: true" @@ -271,16 +271,16 @@ msgid "Add microseconds to the timestamp in debug messages" msgstr "デバッグメッセージの日時にマイクロ秒を追加します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:90 sssd.conf.5.xml:827 sssd.conf.5.xml:1845 -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:1511 sssd-ldap.5.xml:1530 -#: sssd-ldap.5.xml:1706 sssd-ldap.5.xml:2042 sssd-ipa.5.xml:139 +#: sssd.conf.5.xml:90 sssd.conf.5.xml:870 sssd.conf.5.xml:1933 +#: sssd-ldap.5.xml:678 sssd-ldap.5.xml:1471 sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1666 sssd-ldap.5.xml:2029 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:503 sssd-krb5.5.xml:257 #: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" msgstr "初期値: false" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2063 +#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2050 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -302,7 +302,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1382 +#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1342 msgid "Default: 10" msgstr "初期値: 10" @@ -317,7 +317,7 @@ msgid "The [sssd] section" msgstr "[sssd] セクション" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:2017 msgid "Section parameters" msgstr "セクションのパラメーター" @@ -356,12 +356,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:161 sssd.conf.5.xml:345 +#: sssd.conf.5.xml:161 sssd.conf.5.xml:370 msgid "reconnection_retries (integer)" msgstr "reconnection_retries (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:164 sssd.conf.5.xml:348 +#: sssd.conf.5.xml:164 sssd.conf.5.xml:373 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" @@ -370,7 +370,7 @@ msgstr "" "める前に試行する回数です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:353 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:378 msgid "Default: 3" msgstr "初期値: 3" @@ -394,7 +394,7 @@ msgstr "" "名は ASCII 英数字、ダッシュ (-) およびアンダースコア (_) のみを使用できます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 sssd.conf.5.xml:1658 +#: sssd.conf.5.xml:189 sssd.conf.5.xml:1719 msgid "re_expression (string)" msgstr "re_expression (文字列)" @@ -414,12 +414,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:206 sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:206 sssd.conf.5.xml:1770 msgid "full_name_format (string)" msgstr "full_name_format (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:209 sssd.conf.5.xml:1773 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -430,39 +430,39 @@ msgstr "" "manvolnum> </citerefentry> 互換形式。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:220 sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:220 sssd.conf.5.xml:1784 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:221 sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:221 sssd.conf.5.xml:1785 msgid "user name" msgstr "ユーザー名" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:224 sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:224 sssd.conf.5.xml:1788 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:227 sssd.conf.5.xml:1730 +#: sssd.conf.5.xml:227 sssd.conf.5.xml:1791 msgid "domain name as specified in the SSSD config file." msgstr "SSSD 設定ファイルにおいて指定されるドメイン名。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:233 sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:233 sssd.conf.5.xml:1797 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:236 sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:236 sssd.conf.5.xml:1800 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:217 sssd.conf.5.xml:1781 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -579,12 +579,46 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:319 sssd-ldap.5.xml:662 sssd-ldap.5.xml:1470 -#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1564 sssd-krb5.5.xml:401 -#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214 +#: sssd.conf.5.xml:319 sssd-ldap.5.xml:649 sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1442 sssd-ldap.5.xml:1524 sssd-ad.5.xml:532 +#: sssd-ad.5.xml:597 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203 +#: include/ldap_id_mapping.xml:214 msgid "Default: not set" msgstr "初期値: 設定されません" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:324 +#, fuzzy +#| msgid "override_shell (string)" +msgid "override_space (string)" +msgstr "override_shell (文字列)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:327 +msgid "" +"This parameter will replace spaces (space bar) with the given character for " +"user and group names. e.g. (_). User name "john doe" will be " +""john_doe" This feature was added to help compatibility with shell " +"scripts that have difficulty handling spaces, due to the default field " +"separator in the shell." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:336 +msgid "" +"Please note it is a configuration error to use a replacement character that " +"might be used in user or group names. If a name contains the replacement " +"character SSSD tries to return the unmodified name but in general the result " +"of a lookup is undefined." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:344 +#, fuzzy +#| msgid "Default: not set, i.e. FAST is not used." +msgid "Default: not set (spaces will not be replaced)" +msgstr "初期値: 設定されません、つまり FAST が使用されません。" + #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:126 msgid "" @@ -602,12 +636,12 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:355 msgid "SERVICES SECTIONS" msgstr "サービスセクション" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:332 +#: sssd.conf.5.xml:357 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -619,22 +653,22 @@ msgstr "" "ば、NSS サービスは <quote>[nss]</quote> セクションです" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:364 msgid "General service configuration options" msgstr "サービス設定の全体オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:341 +#: sssd.conf.5.xml:366 msgid "These options can be used to configure any service." msgstr "これらのオプションはすべてのサービスを設定するために使用できます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:383 msgid "fd_limit" msgstr "fd_limit" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:361 +#: sssd.conf.5.xml:386 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -644,17 +678,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:370 +#: sssd.conf.5.xml:395 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:375 +#: sssd.conf.5.xml:400 msgid "client_idle_timeout" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:378 +#: sssd.conf.5.xml:403 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -665,19 +699,19 @@ msgstr "" "避けるために制限されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:385 sssd.conf.5.xml:401 sssd.conf.5.xml:415 -#: sssd.conf.5.xml:632 sssd.conf.5.xml:792 sssd.conf.5.xml:1068 -#: sssd-ldap.5.xml:1212 +#: sssd.conf.5.xml:410 sssd.conf.5.xml:426 sssd.conf.5.xml:458 +#: sssd.conf.5.xml:675 sssd.conf.5.xml:835 sssd.conf.5.xml:1111 +#: sssd-ldap.5.xml:1172 msgid "Default: 60" msgstr "初期値: 60" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:415 sssd.conf.5.xml:1100 msgid "force_timeout (integer)" msgstr "force_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:393 sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1103 msgid "" "If a service is not responding to ping checks (see the <quote>timeout</" "quote> option), it is first sent the SIGTERM signal that instructs it to " @@ -687,25 +721,50 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 +#: sssd.conf.5.xml:431 msgid "offline_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:409 +#: sssd.conf.5.xml:434 +msgid "" +"When SSSD switches to offline mode the amount of time before it tries to go " +"back online will increase based upon the time spent disconnected. This " +"value is in seconds and calculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:441 +msgid "offline_timeout + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:444 +msgid "" +"The random offset can increment up to 30 seconds. After each unsuccessful " +"attempt to go online, the new interval is recalculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:449 +msgid "new_interval = old_interval*2 + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:452 msgid "" -"If SSSD is in offline mode, and last attempt to go online was less than " -"number of seconds specified in this option ago, new requests for data will " -"not result in attempt to go online." +"Note that the maximum length of each interval is currently limited to one " +"hour. If the calculated length of new_interval is greater than an hour, it " +"will be forced to one hour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:467 msgid "NSS configuration options" msgstr "NSS 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:426 +#: sssd.conf.5.xml:469 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" @@ -713,12 +772,12 @@ msgstr "" "きます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:431 +#: sssd.conf.5.xml:474 msgid "enum_cache_timeout (integer)" msgstr "enum_cache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:434 +#: sssd.conf.5.xml:477 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" @@ -727,17 +786,17 @@ msgstr "" "要求)。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:481 msgid "Default: 120" msgstr "初期値: 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:443 +#: sssd.conf.5.xml:486 msgid "entry_cache_nowait_percentage (integer)" msgstr "entry_cache_nowait_percentage (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:446 +#: sssd.conf.5.xml:489 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -748,7 +807,7 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:452 +#: sssd.conf.5.xml:495 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -763,7 +822,7 @@ msgstr "" "とをブロックする必要がありません。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:462 +#: sssd.conf.5.xml:505 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -776,17 +835,17 @@ msgstr "" "(0 はこの機能を無効にします)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:470 +#: sssd.conf.5.xml:513 msgid "Default: 50" msgstr "初期値: 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:518 msgid "entry_negative_timeout (integer)" msgstr "entry_negative_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:478 +#: sssd.conf.5.xml:521 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -797,17 +856,17 @@ msgstr "" "せ)をキャッシュする秒数を指定します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:484 sssd.conf.5.xml:851 +#: sssd.conf.5.xml:527 sssd.conf.5.xml:894 msgid "Default: 15" msgstr "初期値: 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:489 +#: sssd.conf.5.xml:532 msgid "filter_users, filter_groups (string)" msgstr "filter_users, filter_groups (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:492 +#: sssd.conf.5.xml:535 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set per-" @@ -820,17 +879,17 @@ msgstr "" "飾名を含めることができます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:499 +#: sssd.conf.5.xml:542 msgid "Default: root" msgstr "初期値: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:504 +#: sssd.conf.5.xml:547 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:507 +#: sssd.conf.5.xml:550 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -838,12 +897,12 @@ msgstr "" "ションを偽に設定します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:561 msgid "fallback_homedir (string)" msgstr "fallback_homedir (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:521 +#: sssd.conf.5.xml:564 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -852,7 +911,7 @@ msgstr "" "ホームディレクトリーの標準テンプレートを設定します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:569 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -860,7 +919,7 @@ msgstr "" "同じです。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:532 +#: sssd.conf.5.xml:575 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -870,22 +929,22 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:530 include/override_homedir.xml:51 +#: sssd.conf.5.xml:573 include/override_homedir.xml:51 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "例: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:579 msgid "Default: not set (no substitution for unset home directories)" msgstr "初期値: 設定なし (ホームディレクトリーの設定がない場合は代替なし)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:542 +#: sssd.conf.5.xml:585 msgid "override_shell (string)" msgstr "override_shell (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:545 +#: sssd.conf.5.xml:588 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -893,17 +952,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 +#: sssd.conf.5.xml:594 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "初期値: 設定なし (SSSD は LDAP から取得された値を使用します)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:557 +#: sssd.conf.5.xml:600 msgid "allowed_shells (string)" msgstr "allowed_shells (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:560 +#: sssd.conf.5.xml:603 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -911,13 +970,13 @@ msgstr "" "す:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:563 +#: sssd.conf.5.xml:606 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" "1. シェルが <quote>/etc/shells</quote> に存在すると、それが使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:567 +#: sssd.conf.5.xml:610 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." @@ -926,7 +985,7 @@ msgstr "" "ば、shell_fallback パラメーターの値を使用します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:572 +#: sssd.conf.5.xml:615 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." @@ -935,12 +994,12 @@ msgstr "" "ば、nologin シェルが使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:577 +#: sssd.conf.5.xml:620 msgid "An empty string for shell is passed as-is to libc." msgstr "シェルの空文字列は libc にそのまま渡されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:580 +#: sssd.conf.5.xml:623 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." @@ -950,27 +1009,27 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:627 msgid "Default: Not set. The user shell is automatically used." msgstr "初期値: 設定されません。ユーザーシェルが自動的に使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:589 +#: sssd.conf.5.xml:632 msgid "vetoed_shells (string)" msgstr "vetoed_shells (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:592 +#: sssd.conf.5.xml:635 msgid "Replace any instance of these shells with the shell_fallback" msgstr "これらのシェルのインスタンスをすべて shell_fallback に置き換えます" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:597 +#: sssd.conf.5.xml:640 msgid "shell_fallback (string)" msgstr "shell_fallback (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:643 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" @@ -978,65 +1037,65 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:604 +#: sssd.conf.5.xml:647 msgid "Default: /bin/sh" msgstr "初期値: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:652 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:655 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:618 +#: sssd.conf.5.xml:661 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:625 sssd.conf.5.xml:785 +#: sssd.conf.5.xml:668 sssd.conf.5.xml:828 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 sssd.conf.5.xml:788 +#: sssd.conf.5.xml:671 sssd.conf.5.xml:831 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:637 +#: sssd.conf.5.xml:680 msgid "memcache_timeout (int)" msgstr "memcache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:640 +#: sssd.conf.5.xml:683 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 sssd-ldap.5.xml:702 +#: sssd.conf.5.xml:687 sssd-ldap.5.xml:692 msgid "Default: 300" msgstr "初期値: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:651 +#: sssd.conf.5.xml:694 msgid "PAM configuration options" msgstr "PAM 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:653 +#: sssd.conf.5.xml:696 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1045,12 +1104,12 @@ msgstr "" "ために使用できます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:701 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:704 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1059,17 +1118,17 @@ msgstr "" "ラインログインの最終成功からの日数)です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 sssd.conf.5.xml:679 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:722 msgid "Default: 0 (No limit)" msgstr "初期値: 0 (無制限)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:672 +#: sssd.conf.5.xml:715 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:675 +#: sssd.conf.5.xml:718 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1077,12 +1136,12 @@ msgstr "" "認証プロバイダーがオフラインの場合、ログイン試行の失敗が許容される回数です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:685 +#: sssd.conf.5.xml:728 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:688 +#: sssd.conf.5.xml:731 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1091,7 +1150,7 @@ msgstr "" "渡される分単位の時間です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:693 +#: sssd.conf.5.xml:736 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1102,17 +1161,17 @@ msgstr "" "効にできます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 sssd.conf.5.xml:752 +#: sssd.conf.5.xml:742 sssd.conf.5.xml:795 msgid "Default: 5" msgstr "初期値: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:705 +#: sssd.conf.5.xml:748 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:751 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1121,42 +1180,42 @@ msgstr "" "きいほどメッセージが表示されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:713 +#: sssd.conf.5.xml:756 msgid "Currently sssd supports the following values:" msgstr "現在 sssd は以下の値をサポートします:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:716 +#: sssd.conf.5.xml:759 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: 何もメッセージを表示しない" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:719 +#: sssd.conf.5.xml:762 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: 重要なメッセージのみを表示する" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:723 +#: sssd.conf.5.xml:766 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: 情報レベルのメッセージを表示する" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:769 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "<emphasis>3</emphasis>: すべてのメッセージとデバッグ情報を表示する" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:730 sssd.8.xml:63 +#: sssd.conf.5.xml:773 sssd.8.xml:63 msgid "Default: 1" msgstr "初期値: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:735 +#: sssd.conf.5.xml:778 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:738 +#: sssd.conf.5.xml:781 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1166,7 +1225,7 @@ msgstr "" "されるよう、SSSD は直ちにキャッシュされた識別情報を更新しようとします。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:744 +#: sssd.conf.5.xml:787 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1179,17 +1238,17 @@ msgstr "" "アプリケーションごとに)制御します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:758 +#: sssd.conf.5.xml:801 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:761 sssd.conf.5.xml:1235 +#: sssd.conf.5.xml:804 sssd.conf.5.xml:1292 msgid "Display a warning N days before the password expires." msgstr "パスワードの期限が切れる前に N 日間警告を表示します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:807 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1199,31 +1258,31 @@ msgstr "" "ことに注意してください。この情報がなければ、sssd は警告を表示します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 sssd.conf.5.xml:1238 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1295 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:818 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 sssd.8.xml:79 +#: sssd.conf.5.xml:823 sssd.8.xml:79 msgid "Default: 0" msgstr "初期値: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:800 +#: sssd.conf.5.xml:843 msgid "SUDO configuration options" msgstr "SUDO 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:845 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1234,12 +1293,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:862 msgid "sudo_timed (bool)" msgstr "sudo_timed (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:822 +#: sssd.conf.5.xml:865 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -1248,22 +1307,22 @@ msgstr "" "を評価するかしないかです。" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:878 msgid "AUTOFS configuration options" msgstr "Autofs 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:880 msgid "These options can be used to configure the autofs service." msgstr "これらのオプションが autofs サービスを設定するために使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:884 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:887 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1274,51 +1333,51 @@ msgstr "" "ヒットする秒数を指定します。" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:903 msgid "SSH configuration options" msgstr "SSH 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:862 +#: sssd.conf.5.xml:905 msgid "These options can be used to configure the SSH service." msgstr "これらのオプションは SSH サービスを設定するために使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:866 +#: sssd.conf.5.xml:909 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:869 +#: sssd.conf.5.xml:912 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:921 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:881 +#: sssd.conf.5.xml:924 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:928 msgid "Default: 180" msgstr "初期値: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:893 +#: sssd.conf.5.xml:936 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:938 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1330,7 +1389,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:904 +#: sssd.conf.5.xml:947 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1341,24 +1400,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:955 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:961 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:922 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:965 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:968 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1366,12 +1425,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:974 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:978 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1380,17 +1439,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:949 +#: sssd.conf.5.xml:992 msgid "DOMAIN SECTIONS" msgstr "ドメインセクション" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:999 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:1002 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -1399,7 +1458,7 @@ msgstr "" "トリーを含む場合、それは無視されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 +#: sssd.conf.5.xml:1007 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1411,24 +1470,24 @@ msgstr "" "バーに対して、範囲内にあるものは予期されたものとして報告されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1014 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:1018 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "初期値: min_id は 1, max_id は 0 (無制限)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:981 +#: sssd.conf.5.xml:1024 msgid "enumerate (bool)" msgstr "enumerate (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:984 +#: sssd.conf.5.xml:1027 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" @@ -1437,23 +1496,23 @@ msgstr "" "必要があります:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:988 +#: sssd.conf.5.xml:1031 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = ユーザーとグループが列挙されます" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 +#: sssd.conf.5.xml:1034 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = このドメインに対して列挙しません" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 sssd.conf.5.xml:1212 sssd.conf.5.xml:1321 -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1037 sssd.conf.5.xml:1269 sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1395 msgid "Default: FALSE" msgstr "初期値: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1040 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1465,7 +1524,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1053 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -1474,7 +1533,7 @@ msgstr "" "れが完了するまで結果を返しません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1015 +#: sssd.conf.5.xml:1058 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1487,39 +1546,39 @@ msgstr "" "てください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1023 +#: sssd.conf.5.xml:1066 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1074 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1081 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1082 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1085 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1086 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1077 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -1528,17 +1587,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd-ldap.5.xml:1765 +#: sssd.conf.5.xml:1094 sssd-ldap.5.xml:1725 msgid "Default: none" msgstr "初期値: none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1117 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1077 +#: sssd.conf.5.xml:1120 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -1547,7 +1606,7 @@ msgstr "" "数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1124 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -1558,17 +1617,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1094 +#: sssd.conf.5.xml:1137 msgid "Default: 5400" msgstr "初期値: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1100 +#: sssd.conf.5.xml:1143 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1103 +#: sssd.conf.5.xml:1146 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -1577,18 +1636,19 @@ msgstr "" "考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 sssd.conf.5.xml:1120 sssd.conf.5.xml:1133 -#: sssd.conf.5.xml:1146 sssd.conf.5.xml:1159 sssd.conf.5.xml:1173 +#: sssd.conf.5.xml:1150 sssd.conf.5.xml:1163 sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1202 sssd.conf.5.xml:1216 +#: sssd.conf.5.xml:1230 msgid "Default: entry_cache_timeout" msgstr "初期値: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1156 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1116 +#: sssd.conf.5.xml:1159 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -1597,12 +1657,12 @@ msgstr "" "考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1169 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1172 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -1611,12 +1671,12 @@ msgstr "" "有効であると考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1182 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1142 +#: sssd.conf.5.xml:1185 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -1625,81 +1685,95 @@ msgstr "" "考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1195 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1198 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1208 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1211 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1222 +#, fuzzy +#| msgid "entry_cache_sudo_timeout (integer)" +msgid "entry_cache_ssh_host_timeout (integer)" +msgstr "entry_cache_sudo_timeout (integer)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1225 +msgid "" +"How many seconds to keep a host ssh key after refresh. IE how long to cache " +"the host key for." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1236 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1239 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1187 +#: sssd.conf.5.xml:1244 msgid "Currently only refreshing expired netgroups is supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1248 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1195 sssd-ipa.5.xml:221 +#: sssd.conf.5.xml:1252 sssd-ipa.5.xml:221 msgid "Default: 0 (disabled)" msgstr "初期値: 0 (無効)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1201 +#: sssd.conf.5.xml:1258 msgid "cache_credentials (bool)" msgstr "cache_credentials (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1261 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "ユーザーのクレディンシャルがローカル LDB キャッシュにキャッシュされるかどうか" "を決めます" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1208 +#: sssd.conf.5.xml:1265 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "ユーザーのクレディンシャルが、平文ではなく SHA512 ハッシュで保存されます" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1217 +#: sssd.conf.5.xml:1274 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1220 +#: sssd.conf.5.xml:1277 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1711,17 +1785,17 @@ msgstr "" "offline_credentials_expiration と同等以上でなければいけません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1284 msgid "Default: 0 (unlimited)" msgstr "初期値: 0 (無制限)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1232 +#: sssd.conf.5.xml:1289 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1243 +#: sssd.conf.5.xml:1300 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1730,17 +1804,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1307 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "初期値: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1256 +#: sssd.conf.5.xml:1313 msgid "id_provider (string)" msgstr "id_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1259 +#: sssd.conf.5.xml:1316 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -1748,17 +1822,17 @@ msgstr "" "ダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1320 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "<quote>proxy</quote>: レガシーな NSS プロバイダーのサポート" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:1441 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "<quote>local</quote>: ローカルユーザー向け SSSD 内部プロバイダー" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 +#: sssd.conf.5.xml:1327 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1769,8 +1843,8 @@ msgstr "" "manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 sssd.conf.5.xml:1364 sssd.conf.5.xml:1415 -#: sssd.conf.5.xml:1468 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1421 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1529 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1783,8 +1857,8 @@ msgstr "" "い。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1373 sssd.conf.5.xml:1424 -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1344 sssd.conf.5.xml:1430 sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1538 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1795,12 +1869,12 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1355 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1301 +#: sssd.conf.5.xml:1358 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -1809,7 +1883,7 @@ msgstr "" "名形式により整形されたように) を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1363 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1822,7 +1896,7 @@ msgstr "" "んが、<command>getent passwd test@LOCAL</command> は見つけられます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1371 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -1830,17 +1904,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1326 +#: sssd.conf.5.xml:1383 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1329 +#: sssd.conf.5.xml:1386 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1332 +#: sssd.conf.5.xml:1389 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -1848,12 +1922,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1343 +#: sssd.conf.5.xml:1400 msgid "auth_provider (string)" msgstr "auth_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1346 +#: sssd.conf.5.xml:1403 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -1862,7 +1936,7 @@ msgstr "" "ダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1469 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1873,7 +1947,7 @@ msgstr "" "manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1414 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1884,19 +1958,19 @@ msgstr "" "manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1438 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" "<quote>proxy</quote> はいくつかの他の PAM ターゲットに認証を中継します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1445 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> は明示的に認証を無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1387 +#: sssd.conf.5.xml:1448 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -1905,12 +1979,12 @@ msgstr "" "ならば、それが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1393 +#: sssd.conf.5.xml:1454 msgid "access_provider (string)" msgstr "access_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1396 +#: sssd.conf.5.xml:1457 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1921,7 +1995,7 @@ msgstr "" "えます)。内部の特別プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1463 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -1930,12 +2004,12 @@ msgstr "" "ロバイダーのみアクセスが許可されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1466 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> は常にアクセスを拒否します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1493 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1948,17 +2022,17 @@ msgstr "" "citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1439 +#: sssd.conf.5.xml:1500 msgid "Default: <quote>permit</quote>" msgstr "初期値: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1444 +#: sssd.conf.5.xml:1505 msgid "chpass_provider (string)" msgstr "chpass_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1508 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -1967,7 +2041,7 @@ msgstr "" "パスワード変更プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1452 +#: sssd.conf.5.xml:1513 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1978,7 +2052,7 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1521 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1989,7 +2063,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1546 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -1997,12 +2071,12 @@ msgstr "" "します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1550 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> は明示的にパスワードの変更を無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1553 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -2011,19 +2085,19 @@ msgstr "" "うことができるならば、それが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1560 msgid "sudo_provider (string)" msgstr "sudo_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1563 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "ドメインに使用される SUDO プロバイダーです。サポートされる SUDO プロバイダー" "は次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1506 +#: sssd.conf.5.xml:1567 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2034,33 +2108,33 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1514 +#: sssd.conf.5.xml:1575 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1579 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1522 +#: sssd.conf.5.xml:1583 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> は SUDO を明示的に無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1525 sssd.conf.5.xml:1594 sssd.conf.5.xml:1626 -#: sssd.conf.5.xml:1651 +#: sssd.conf.5.xml:1586 sssd.conf.5.xml:1655 sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1712 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "初期値: <quote>id_provider</quote> の値が設定されていると使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1590 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2071,12 +2145,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1607 msgid "selinux_provider (string)" msgstr "selinux_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1610 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2084,7 +2158,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1555 +#: sssd.conf.5.xml:1616 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2092,31 +2166,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1624 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1566 +#: sssd.conf.5.xml:1627 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1633 msgid "subdomains_provider (string)" msgstr "subdomains_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1636 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1581 +#: sssd.conf.5.xml:1642 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2124,17 +2198,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1651 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "<quote>none</quote> はサブドメインの取り出しを明示的に無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 +#: sssd.conf.5.xml:1662 msgid "autofs_provider (string)" msgstr "autofs_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 +#: sssd.conf.5.xml:1665 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -2142,7 +2216,7 @@ msgstr "" "プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1669 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2153,7 +2227,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1615 +#: sssd.conf.5.xml:1676 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2164,17 +2238,17 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 +#: sssd.conf.5.xml:1684 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> は明示的に autofs を無効にします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1694 msgid "hostid_provider (string)" msgstr "hostid_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1697 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -2183,7 +2257,7 @@ msgstr "" "hostid プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1640 +#: sssd.conf.5.xml:1701 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2194,12 +2268,12 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1709 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> は明示的に hostid を無効にします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 +#: sssd.conf.5.xml:1722 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -2209,7 +2283,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1731 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -2218,29 +2292,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1736 msgid "username" msgstr "username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1739 msgid "username@domain.name" msgstr "username@domain.name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1681 +#: sssd.conf.5.xml:1742 msgid "domain\\username" msgstr "domain\\username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1745 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1750 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -2251,7 +2325,7 @@ msgstr "" "everything after that\" に解釈されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1695 +#: sssd.conf.5.xml:1756 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -2259,7 +2333,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1763 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." @@ -2268,17 +2342,17 @@ msgstr "" "Python 構文 (?P<name>) のみをサポートします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1749 +#: sssd.conf.5.xml:1810 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "初期値: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1816 msgid "lookup_family_order (string)" msgstr "lookup_family_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1819 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -2287,46 +2361,46 @@ msgstr "" "します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1762 +#: sssd.conf.5.xml:1823 msgid "Supported values:" msgstr "サポートする値:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1826 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first: IPv4 アドレスの検索を試行します。失敗すると IPv6 を試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1829 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only: ホスト名を IPv4 アドレスに名前解決することのみを試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1832 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first: IPv6 アドレスの検索を試行します。失敗すると IPv4 を試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1835 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only: ホスト名を IPv6 アドレスに名前解決することのみを試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1838 msgid "Default: ipv4_first" msgstr "初期値: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1844 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1847 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -2337,18 +2411,18 @@ msgstr "" "ドにて操作を継続します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1792 sssd-ldap.5.xml:1196 sssd-ldap.5.xml:1238 -#: sssd-ldap.5.xml:1253 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1853 sssd-ldap.5.xml:1156 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1213 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "初期値: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1859 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1801 +#: sssd.conf.5.xml:1862 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -2357,46 +2431,85 @@ msgstr "" "イン部分を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1866 msgid "Default: Use the domain part of machine's hostname" msgstr "初期値: マシンのホスト名のドメイン部分を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1811 +#: sssd.conf.5.xml:1872 msgid "override_gid (integer)" msgstr "override_gid (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1875 msgid "Override the primary GID value with the one specified." msgstr "プライマリー GID の値を指定されたもので上書きします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1820 -msgid "case_sensitive (boolean)" +#: sssd.conf.5.xml:1881 +#, fuzzy +#| msgid "case_sensitive (boolean)" +msgid "case_sensitive (string)" msgstr "case_sensitive (論理値)" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1889 +msgid "True" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1892 +msgid "Case sensitive. This value is invalid for AD provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1898 +msgid "False" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1900 +msgid "Case insensitive." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1904 +msgid "Preserving" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1907 +msgid "" +"Same as False (case insensitive), but does not lowercase names in the output " +"of getpwnam and getgrnam." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1884 +#, fuzzy +#| msgid "" +#| "Treat user and group names as case sensitive. At the moment, this option " +#| "is not supported in the local provider." msgid "" "Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." +"not supported in the local provider. Possible option values are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" "ユーザー名とグループ名が大文字小文字を区別するよう取り扱います。今のところ、" "このオプションはローカルプロバイダーにおいてサポートされません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1828 sssd-ldap.5.xml:1020 sssd-ad.5.xml:397 -msgid "Default: True" -msgstr "初期値: True" +#: sssd.conf.5.xml:1916 +msgid "Default: True (False for AD provider)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1922 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 +#: sssd.conf.5.xml:1925 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -2405,22 +2518,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1851 +#: sssd.conf.5.xml:1939 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1950 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1951 msgid "flat (NetBIOS) name of a subdomain." msgstr "サブドメインのフラット (NetBIOS) 名。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1854 +#: sssd.conf.5.xml:1942 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -2430,30 +2543,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1956 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" "値は <emphasis>override_homedir</emphasis> オプションにより上書きできます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1960 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "初期値: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1877 +#: sssd.conf.5.xml:1965 msgid "realmd_tags (string)" msgstr "realmd_tags (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1880 +#: sssd.conf.5.xml:1968 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:994 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2464,17 +2577,17 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1893 +#: sssd.conf.5.xml:1981 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1896 +#: sssd.conf.5.xml:1984 msgid "The proxy target PAM proxies to." msgstr "中継するプロキシターゲット PAM です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1899 +#: sssd.conf.5.xml:1987 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -2483,12 +2596,12 @@ msgstr "" "をここに追加する必要があります。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1995 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1998 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2499,7 +2612,7 @@ msgstr "" "_nss_files_getpwent です。" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1977 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -2508,12 +2621,12 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1922 +#: sssd.conf.5.xml:2010 msgid "The local domain section" msgstr "ローカルドメインのセクション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:2012 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2524,27 +2637,27 @@ msgstr "" "メインに対する設定を含みます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1931 +#: sssd.conf.5.xml:2019 msgid "default_shell (string)" msgstr "default_shell (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:2022 msgid "The default shell for users created with SSSD userspace tools." msgstr "SSSD ユーザー空間ツールを用いて作成されたユーザーの初期シェルです。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1938 +#: sssd.conf.5.xml:2026 msgid "Default: <filename>/bin/bash</filename>" msgstr "初期値: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1943 +#: sssd.conf.5.xml:2031 msgid "base_directory (string)" msgstr "base_directory (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2034 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -2553,17 +2666,17 @@ msgstr "" "ホームディレクトリーとして使用します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:2039 msgid "Default: <filename>/home</filename>" msgstr "初期値: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1956 +#: sssd.conf.5.xml:2044 msgid "create_homedir (bool)" msgstr "create_homedir (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2047 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -2572,17 +2685,17 @@ msgstr "" "す。コマンドラインにおいて上書きできます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1963 sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2051 sssd.conf.5.xml:2063 msgid "Default: TRUE" msgstr "初期値: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1968 +#: sssd.conf.5.xml:2056 msgid "remove_homedir (bool)" msgstr "remove_homedir (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:2059 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -2591,12 +2704,12 @@ msgstr "" "す。コマンドラインにおいて上書きできます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1980 +#: sssd.conf.5.xml:2068 msgid "homedir_umask (integer)" msgstr "homedir_umask (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1983 +#: sssd.conf.5.xml:2071 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2607,17 +2720,17 @@ msgstr "" "manvolnum> </citerefentry> により使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:2079 msgid "Default: 077" msgstr "初期値: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:2084 msgid "skel_dir (string)" msgstr "skel_dir (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1999 +#: sssd.conf.5.xml:2087 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2630,17 +2743,17 @@ msgstr "" "を含む、スケルトンディレクトリーです。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2009 +#: sssd.conf.5.xml:2097 msgid "Default: <filename>/etc/skel</filename>" msgstr "初期値: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2102 msgid "mail_dir (string)" msgstr "mail_dir (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2105 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2651,17 +2764,17 @@ msgstr "" "が使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2112 msgid "Default: <filename>/var/mail</filename>" msgstr "初期値: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2117 msgid "userdel_cmd (string)" msgstr "userdel_cmd (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2032 +#: sssd.conf.5.xml:2120 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2672,18 +2785,19 @@ msgstr "" "せん。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2126 msgid "Default: None, no command is run" msgstr "初期値: なし、コマンドを実行しません" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2048 sssd-ldap.5.xml:2489 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:552 sssd-ad.5.xml:447 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:2136 sssd-ldap.5.xml:2476 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:552 sssd-ad.5.xml:792 sssd-krb5.5.xml:519 +#: sss_rpcidmapd.5.xml:98 msgid "EXAMPLE" msgstr "例" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2142 #, no-wrap msgid "" "[sssd]\n" @@ -2737,7 +2851,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2050 +#: sssd.conf.5.xml:2138 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2905,7 +3019,7 @@ msgstr "" "な LDAP 検索フィルターである必要があります。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:645 sssd-ad.5.xml:212 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:632 sssd-ad.5.xml:212 msgid "Examples:" msgstr "例:" @@ -3111,7 +3225,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "ユーザーのプライマリーグループ ID に対応する LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:830 msgid "Default: gidNumber" msgstr "初期値: gidNumber" @@ -3162,26 +3276,11 @@ msgstr "初期値: loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:341 -msgid "ldap_user_uuid (string)" -msgstr "ldap_user_uuid (文字列)" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:344 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "LDAP ユーザーオブジェクトの UUID/GUID を含む LDAP 属性です。" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:866 sssd-ldap.5.xml:1103 -msgid "Default: nsUniqueId" -msgstr "初期値: nsUniqueId" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:354 msgid "ldap_user_objectsid (string)" msgstr "ldap_user_objectsid (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:344 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." @@ -3190,36 +3289,36 @@ msgstr "" "ActiveDirectory サーバーに対してのみ必要です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:880 +#: sssd-ldap.5.xml:349 sssd-ldap.5.xml:857 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" "初期値: ActiveDirectory の objectSid です、他のサーバーに対して設定sれませ" "ん。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:369 +#: sssd-ldap.5.xml:356 msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:890 sssd-ldap.5.xml:1112 +#: sssd-ldap.5.xml:359 sssd-ldap.5.xml:867 sssd-ldap.5.xml:1072 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "親オブジェクトの最終変更のタイムスタンプを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:894 sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:363 sssd-ldap.5.xml:871 sssd-ldap.5.xml:1079 msgid "Default: modifyTimestamp" msgstr "初期値: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:382 +#: sssd-ldap.5.xml:369 msgid "ldap_user_shadow_last_change (string)" msgstr "ldap_user_shadow_last_change (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:385 +#: sssd-ldap.5.xml:372 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3232,17 +3331,17 @@ msgstr "" "含みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:382 msgid "Default: shadowLastChange" msgstr "初期値: shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:401 +#: sssd-ldap.5.xml:388 msgid "ldap_user_shadow_min (string)" msgstr "ldap_user_shadow_min (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:391 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3255,17 +3354,17 @@ msgstr "" "みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:413 +#: sssd-ldap.5.xml:400 msgid "Default: shadowMin" msgstr "初期値: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:419 +#: sssd-ldap.5.xml:406 msgid "ldap_user_shadow_max (string)" msgstr "ldap_user_shadow_max (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:422 +#: sssd-ldap.5.xml:409 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3278,17 +3377,17 @@ msgstr "" "みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 +#: sssd-ldap.5.xml:418 msgid "Default: shadowMax" msgstr "初期値: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 +#: sssd-ldap.5.xml:424 msgid "ldap_user_shadow_warning (string)" msgstr "ldap_user_shadow_warning (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 +#: sssd-ldap.5.xml:427 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3301,17 +3400,17 @@ msgstr "" "みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 +#: sssd-ldap.5.xml:437 msgid "Default: shadowWarning" msgstr "初期値: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 +#: sssd-ldap.5.xml:443 msgid "ldap_user_shadow_inactive (string)" msgstr "ldap_user_shadow_inactive (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 +#: sssd-ldap.5.xml:446 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3324,17 +3423,17 @@ msgstr "" "みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:469 +#: sssd-ldap.5.xml:456 msgid "Default: shadowInactive" msgstr "初期値: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:475 +#: sssd-ldap.5.xml:462 msgid "ldap_user_shadow_expire (string)" msgstr "ldap_user_shadow_expire (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:478 +#: sssd-ldap.5.xml:465 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -3347,17 +3446,17 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:488 +#: sssd-ldap.5.xml:475 msgid "Default: shadowExpire" msgstr "初期値: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:494 +#: sssd-ldap.5.xml:481 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "ldap_user_krb_last_pwd_change (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:497 +#: sssd-ldap.5.xml:484 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -3367,17 +3466,17 @@ msgstr "" "の最終パスワード変更日時を保存する LDAP 属性の名前を含みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 +#: sssd-ldap.5.xml:490 msgid "Default: krbLastPwdChange" msgstr "初期値: krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:509 +#: sssd-ldap.5.xml:496 msgid "ldap_user_krb_password_expiration (string)" msgstr "ldap_user_krb_password_expiration (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:512 +#: sssd-ldap.5.xml:499 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." @@ -3386,17 +3485,17 @@ msgstr "" "ワード失効日時を保存する LDAP 属性の名前を含みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:518 +#: sssd-ldap.5.xml:505 msgid "Default: krbPasswordExpiration" msgstr "初期値: krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:524 +#: sssd-ldap.5.xml:511 msgid "ldap_user_ad_account_expires (string)" msgstr "ldap_user_ad_account_expires (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." @@ -3405,17 +3504,17 @@ msgstr "" "失効日時を保存する LDAP 属性の名前を含みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:519 msgid "Default: accountExpires" msgstr "初期値: accountExpires" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:538 +#: sssd-ldap.5.xml:525 msgid "ldap_user_ad_user_account_control (string)" msgstr "ldap_user_ad_user_account_control (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:528 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." @@ -3424,17 +3523,17 @@ msgstr "" "ウントの制御ビット項目を保存する LDAP 属性の名前を含みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:546 +#: sssd-ldap.5.xml:533 msgid "Default: userAccountControl" msgstr "初期値: userAccountControl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:552 +#: sssd-ldap.5.xml:539 msgid "ldap_ns_account_lock (string)" msgstr "ldap_ns_account_lock (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:542 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." @@ -3443,17 +3542,17 @@ msgstr "" "ターがアクセスが許可されるかされないかを決定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:547 msgid "Default: nsAccountLock" msgstr "初期値: nsAccountLock" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:553 msgid "ldap_user_nds_login_disabled (string)" msgstr "ldap_user_nds_login_disabled (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:556 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." @@ -3462,17 +3561,17 @@ msgstr "" "かをこの属性が決定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:573 sssd-ldap.5.xml:587 +#: sssd-ldap.5.xml:560 sssd-ldap.5.xml:574 msgid "Default: loginDisabled" msgstr "初期値: loginDisabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:579 +#: sssd-ldap.5.xml:566 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "ldap_user_nds_login_expiration_time (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:582 +#: sssd-ldap.5.xml:569 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." @@ -3481,12 +3580,12 @@ msgstr "" "いつまで許可されるのかを決定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:593 +#: sssd-ldap.5.xml:580 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "ldap_user_nds_login_allowed_time_map (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:583 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." @@ -3495,41 +3594,41 @@ msgstr "" "れるときの一週間の日の時間を決定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:601 +#: sssd-ldap.5.xml:588 msgid "Default: loginAllowedTimeMap" msgstr "初期値: loginAllowedTimeMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:607 +#: sssd-ldap.5.xml:594 msgid "ldap_user_principal (string)" msgstr "ldap_user_principal (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:597 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "ユーザーの Kerberos User Principal Name (UPN) を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:614 +#: sssd-ldap.5.xml:601 msgid "Default: krbPrincipalName" msgstr "初期値: krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:620 +#: sssd-ldap.5.xml:607 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:623 +#: sssd-ldap.5.xml:610 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:628 +#: sssd-ldap.5.xml:615 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -3539,7 +3638,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:625 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -3547,46 +3646,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 +#: sssd-ldap.5.xml:635 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:638 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:642 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:645 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:655 msgid "ldap_user_ssh_public_key (string)" msgstr "ldap_user_ssh_public_key (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:671 +#: sssd-ldap.5.xml:658 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "ユーザーの SSH 公開鍵を含む LDAP 属性です。" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:662 +#, fuzzy +#| msgid "Default: sudoRole" +msgid "Default: sshPublicKey" +msgstr "初期値: sudoRole" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:668 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:671 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -3598,12 +3704,12 @@ msgstr "" "場合、このオプションを 0 以外に設定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:694 +#: sssd-ldap.5.xml:684 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 +#: sssd-ldap.5.xml:687 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -3611,12 +3717,12 @@ msgstr "" "SSSD が列挙レコードのキャッシュを更新する前に待つ必要がある秒数を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:698 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 +#: sssd-ldap.5.xml:701 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -3627,53 +3733,55 @@ msgstr "" "削除する間隔を決めます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:707 msgid "Setting this option to zero will disable the cache cleanup operation." msgstr "キャッシュ削除操作を無効にする 0 をこのオプションを設定する方法です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:721 -msgid "Default: 10800 (12 hours)" +#: sssd-ldap.5.xml:711 +#, fuzzy +#| msgid "Default: 10800 (12 hours)" +msgid "Default: 10800 (3 hours)" msgstr "初期値: 10800 (12 時間)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:727 +#: sssd-ldap.5.xml:717 msgid "ldap_user_fullname (string)" msgstr "ldap_user_fullname (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:730 +#: sssd-ldap.5.xml:720 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "ユーザーの完全名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 sssd-ldap.5.xml:827 sssd-ldap.5.xml:1053 -#: sssd-ldap.5.xml:1144 sssd-ldap.5.xml:2084 sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:724 sssd-ldap.5.xml:817 sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1104 sssd-ldap.5.xml:2071 sssd-ldap.5.xml:2410 msgid "Default: cn" msgstr "初期値: cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:730 msgid "ldap_user_member_of (string)" msgstr "ldap_user_member_of (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:743 +#: sssd-ldap.5.xml:733 msgid "The LDAP attribute that lists the user's group memberships." msgstr "ユーザーのグループメンバーを一覧にする LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:737 msgid "Default: memberOf" msgstr "初期値: memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:753 +#: sssd-ldap.5.xml:743 msgid "ldap_user_authorized_service (string)" msgstr "ldap_user_authorized_service (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:756 +#: sssd-ldap.5.xml:746 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -3684,7 +3792,7 @@ msgstr "" "authorizedService 属性を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:763 +#: sssd-ldap.5.xml:753 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." @@ -3693,7 +3801,7 @@ msgstr "" "索します。最後にすべて許可 (*) を検索します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:758 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -3701,17 +3809,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:765 msgid "Default: authorizedService" msgstr "初期値: authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:771 msgid "ldap_user_authorized_host (string)" msgstr "ldap_user_authorized_host (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:784 +#: sssd-ldap.5.xml:774 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -3722,7 +3830,7 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:790 +#: sssd-ldap.5.xml:780 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." @@ -3731,7 +3839,7 @@ msgstr "" "索します。最後にすべて許可 (*) が検索されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:785 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -3739,77 +3847,67 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:802 +#: sssd-ldap.5.xml:792 msgid "Default: host" msgstr "初期値: host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:798 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 +#: sssd-ldap.5.xml:801 msgid "The object class of a group entry in LDAP." msgstr "LDAP にあるグループエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:804 msgid "Default: posixGroup" msgstr "初期値: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:810 msgid "ldap_group_name (string)" msgstr "ldap_group_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:823 +#: sssd-ldap.5.xml:813 msgid "The LDAP attribute that corresponds to the group name." msgstr "グループ名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:823 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:826 msgid "The LDAP attribute that corresponds to the group's id." msgstr "グループの ID に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:846 +#: sssd-ldap.5.xml:836 msgid "ldap_group_member (string)" msgstr "ldap_group_member (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:849 +#: sssd-ldap.5.xml:839 msgid "The LDAP attribute that contains the names of the group's members." msgstr "グループのメンバーの名前を含む LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:843 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "初期値: memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 -msgid "ldap_group_uuid (string)" -msgstr "ldap_group_uuid (文字列)" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "LDAP グループオブジェクトの UUID/GUID を含む LDAP の属性です。" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:872 +#: sssd-ldap.5.xml:849 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:875 +#: sssd-ldap.5.xml:852 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." @@ -3818,24 +3916,24 @@ msgstr "" "ActiveDirectory サーバーに対してのみ必要です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:864 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:877 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:880 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:885 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -3843,17 +3941,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:914 +#: sssd-ldap.5.xml:891 msgid "Default: groupType in the AD provider, othewise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:921 +#: sssd-ldap.5.xml:898 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:924 +#: sssd-ldap.5.xml:901 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -3864,7 +3962,7 @@ msgstr "" "のオプションは RFC2307 スキーマにおいて効果がありません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:908 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -3874,7 +3972,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:940 +#: sssd-ldap.5.xml:917 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later it " @@ -3883,17 +3981,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:947 +#: sssd-ldap.5.xml:924 msgid "Default: 2" msgstr "初期値: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:930 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "ldap_groups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:933 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3901,14 +3999,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:939 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 sssd-ldap.5.xml:994 +#: sssd-ldap.5.xml:944 sssd-ldap.5.xml:971 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3916,7 +4014,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:950 sssd-ldap.5.xml:977 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -3925,18 +4023,18 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 sssd-ldap.5.xml:1006 sssd-ldap.5.xml:1311 -#: sssd-ldap.5.xml:1332 sssd-ldap.5.xml:1838 include/ldap_id_mapping.xml:242 +#: sssd-ldap.5.xml:956 sssd-ldap.5.xml:983 sssd-ldap.5.xml:1271 +#: sssd-ldap.5.xml:1292 sssd-ldap.5.xml:1798 include/ldap_id_mapping.xml:242 msgid "Default: False" msgstr "初期値: 偽" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:985 +#: sssd-ldap.5.xml:962 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "ldap_initgroups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:988 +#: sssd-ldap.5.xml:965 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3944,81 +4042,86 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:989 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1015 +#: sssd-ldap.5.xml:992 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:997 sssd-ad.5.xml:742 sss_rpcidmapd.5.xml:76 +msgid "Default: True" +msgstr "初期値: True" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1003 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1006 msgid "The object class of a netgroup entry in LDAP." msgstr "LDAP にあるネットワークグループエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1009 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" "IPA プロバイダーにおいては ipa_netgroup_object_class が代わりに使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1013 msgid "Default: nisNetgroup" msgstr "初期値: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1019 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1045 +#: sssd-ldap.5.xml:1022 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "ネットワークグループ名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1049 +#: sssd-ldap.5.xml:1026 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "IPA プロバイダーにおいては ipa_netgroup_name が代わりに使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1059 +#: sssd-ldap.5.xml:1036 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1039 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "ネットワークグループのメンバーの名前を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 +#: sssd-ldap.5.xml:1043 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" "IPA プロバイダーにおいては ipa_netgroup_member が代わりに使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1047 msgid "Default: memberNisNetgroup" msgstr "初期値: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1053 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1056 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" @@ -4026,107 +4129,90 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1116 +#: sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1076 msgid "This option is not available in IPA provider." msgstr "このオプションは IPA プロバイダーにおいて利用可能ではありません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1086 +#: sssd-ldap.5.xml:1063 msgid "Default: nisNetgroupTriple" msgstr "初期値: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1092 -msgid "ldap_netgroup_uuid (string)" -msgstr "ldap_netgroup_uuid (文字列)" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1095 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" -"LDAP ネットワークグループオブジェクトの UUID/GUID を含む LDAP 属性です。" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1099 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "IPA プロバイダーにおいては ipa_netgroup_uuid が代わりに使用されます。" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1109 +#: sssd-ldap.5.xml:1069 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_object_class (string)" msgstr "ldap_service_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1088 msgid "The object class of a service entry in LDAP." msgstr "LDAP にあるサービスエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1091 msgid "Default: ipService" msgstr "初期値: ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1097 msgid "ldap_service_name (string)" msgstr "ldap_service_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1100 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "サービス属性の名前とそのエイリアスを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1110 msgid "ldap_service_port (string)" msgstr "ldap_service_port (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1113 msgid "The LDAP attribute that contains the port managed by this service." msgstr "このサービスにより管理されるポートを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1117 msgid "Default: ipServicePort" msgstr "初期値: ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1123 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1166 +#: sssd-ldap.5.xml:1126 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "このサービスにより認識されるプロトコルを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1130 msgid "Default: ipServiceProtocol" msgstr "初期値: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1176 +#: sssd-ldap.5.xml:1136 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1141 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -4134,7 +4220,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1190 +#: sssd-ldap.5.xml:1150 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -4145,12 +4231,12 @@ msgstr "" "かもしれません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1162 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1205 +#: sssd-ldap.5.xml:1165 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -4158,12 +4244,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1178 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1181 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -4179,12 +4265,12 @@ msgstr "" "citerefentry> が未使用を返した後のタイムアウト(秒単位)を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1204 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:1207 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -4194,12 +4280,12 @@ msgstr "" "を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1219 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1262 +#: sssd-ldap.5.xml:1222 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -4208,17 +4294,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:1230 sssd-ldap.5.xml:2228 msgid "Default: 900 (15 minutes)" msgstr "初期値: 900 (15 分)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1236 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1239 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -4227,17 +4313,17 @@ msgstr "" "バーは 1 要求あたりの最大数の制限を強制します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1244 msgid "Default: 1000" msgstr "初期値: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1250 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1293 +#: sssd-ldap.5.xml:1253 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -4248,7 +4334,7 @@ msgstr "" "ことを報告する場合に、このオプションが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1259 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -4258,7 +4344,7 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1265 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -4269,17 +4355,17 @@ msgstr "" "があります。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1277 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1280 msgid "Disable Active Directory range retrieval." msgstr "Active Directory の範囲の取得を無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1323 +#: sssd-ldap.5.xml:1283 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -4289,12 +4375,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1298 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1301 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -4302,17 +4388,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1307 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1314 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1317 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -4320,13 +4406,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1323 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1327 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -4335,7 +4421,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1335 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -4343,12 +4429,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1348 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 +#: sssd-ldap.5.xml:1351 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -4357,7 +4443,7 @@ msgstr "" "クするものを指定します。以下の値のうち 1 つを指定できます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1397 +#: sssd-ldap.5.xml:1357 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -4366,7 +4452,7 @@ msgstr "" "確認しません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1361 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -4377,7 +4463,7 @@ msgstr "" "無視され、セッションが通常通り進められます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1368 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -4388,7 +4474,7 @@ msgstr "" "ンが直ちに終了します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1374 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -4398,22 +4484,22 @@ msgstr "" "なければ、もしくは不正な証明書が提供されれば、セッションが直ちに終了します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1380 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = <quote>demand</quote> と同じです" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1424 +#: sssd-ldap.5.xml:1384 msgid "Default: hard" msgstr "初期値: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1390 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1393 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -4423,7 +4509,7 @@ msgstr "" "書を含むファイルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1438 sssd-ldap.5.xml:1456 sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1398 sssd-ldap.5.xml:1416 sssd-ldap.5.xml:1457 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -4432,12 +4518,12 @@ msgstr "" "filename> にあります" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1445 +#: sssd-ldap.5.xml:1405 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1408 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -4450,32 +4536,32 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1463 +#: sssd-ldap.5.xml:1423 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1466 +#: sssd-ldap.5.xml:1426 msgid "Specifies the file that contains the certificate for the client's key." msgstr "クライアントのキーに対する証明書を含むファイルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1436 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1439 msgid "Specifies the file that contains the client's key." msgstr "クライアントのキーを含むファイルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1448 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1451 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -4486,12 +4572,12 @@ msgstr "" "<manvolnum>5</manvolnum></citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1504 +#: sssd-ldap.5.xml:1464 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -4500,12 +4586,12 @@ msgstr "" "用する必要がある id_provider 接続を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1477 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1480 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -4513,18 +4599,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1486 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "この機能は現在 ActiveDirectory objectSID マッピングのみサポートします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1496 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "ldap_min_id, ldap_max_id (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1499 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -4535,17 +4621,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1511 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1517 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -4554,12 +4640,12 @@ msgstr "" "れます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1530 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1533 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -4568,17 +4654,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1541 msgid "Default: host/hostname@REALM" msgstr "初期値: host/hostname@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1547 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1590 +#: sssd-ldap.5.xml:1550 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -4586,17 +4672,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1556 msgid "Default: the value of krb5_realm." msgstr "初期値: krb5_realm の値" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1562 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1565 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -4605,33 +4691,33 @@ msgstr "" "するために逆引きを実行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1570 msgid "Default: false;" msgstr "初期値: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1576 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1619 +#: sssd-ldap.5.xml:1579 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "SASL/GSSAPI を使用するときに使用するキーテーブルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1622 +#: sssd-ldap.5.xml:1582 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "初期値: システムのキーテーブル、通常 <filename>/etc/krb5.keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1628 +#: sssd-ldap.5.xml:1588 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1631 +#: sssd-ldap.5.xml:1591 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -4642,27 +4728,27 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1643 +#: sssd-ldap.5.xml:1603 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1606 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "GSSAPI が使用されている場合、TGT の有効期間を秒単位で指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 sssd-ad.5.xml:383 +#: sssd-ldap.5.xml:1610 sssd-ad.5.xml:728 msgid "Default: 86400 (24 hours)" msgstr "初期値: 86400 (24 時間)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 +#: sssd-ldap.5.xml:1619 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4674,7 +4760,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1671 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1631 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4685,7 +4771,7 @@ msgstr "" "ば _tcp にフォールバックします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1636 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4696,27 +4782,27 @@ msgstr "" "quote> を使用するよう設定ファイルを移行することが推奨されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1645 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1688 +#: sssd-ldap.5.xml:1648 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "(SASL/GSSAPI 認証向け) Kerberos レルムを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1651 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "初期値: システムの初期値、<filename>/etc/krb5.conf</filename> 参照。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1697 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1657 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1660 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -4725,12 +4811,12 @@ msgstr "" "します。この機能は MIT Kerberos >= 1.7 で利用可能です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1712 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1672 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1715 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1675 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4740,7 +4826,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1726 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1686 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4751,12 +4837,12 @@ msgstr "" "manvolnum> </citerefentry> マニュアルページを参照ください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1740 +#: sssd-ldap.5.xml:1700 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1703 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -4765,7 +4851,7 @@ msgstr "" "す。以下の値が許容されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1708 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -4774,7 +4860,7 @@ msgstr "" "ンはサーバー側のパスワードポリシーを無効にできません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1753 +#: sssd-ldap.5.xml:1713 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4785,7 +4871,7 @@ msgstr "" "manvolnum></citerefentry> 形式の属性を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1759 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4796,24 +4882,24 @@ msgstr "" "とき、これらの属性を更新するために chpass_provider=krb5 を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1768 +#: sssd-ldap.5.xml:1728 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1736 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1739 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "自動参照追跡が有効化されるかを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1743 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -4822,7 +4908,7 @@ msgstr "" "sssd のみが参照追跡をサポートすることに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1788 +#: sssd-ldap.5.xml:1748 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4831,28 +4917,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1762 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 +#: sssd-ldap.5.xml:1765 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "サービス検索が有効にされているときに使用するサービスの名前を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1809 +#: sssd-ldap.5.xml:1769 msgid "Default: ldap" msgstr "初期値: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1775 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1778 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -4861,29 +4947,29 @@ msgstr "" "を検索するために使用するサービスの名前を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1823 +#: sssd-ldap.5.xml:1783 msgid "Default: not set, i.e. service discovery is disabled" msgstr "初期値: 設定されていません、つまりサービス検索が無効にされています" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1789 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1792 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1804 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1847 +#: sssd-ldap.5.xml:1807 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4899,12 +4985,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1867 +#: sssd-ldap.5.xml:1827 msgid "Example:" msgstr "例:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1870 +#: sssd-ldap.5.xml:1830 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4913,14 +4999,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1874 +#: sssd-ldap.5.xml:1834 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1839 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4933,17 +5019,17 @@ msgstr "" "た同様です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1887 sssd-ldap.5.xml:1944 +#: sssd-ldap.5.xml:1847 sssd-ldap.5.xml:1904 msgid "Default: Empty" msgstr "初期値: 空白" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1853 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1856 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -4952,7 +5038,7 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:1860 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4963,12 +5049,12 @@ msgstr "" "否します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1907 +#: sssd-ldap.5.xml:1867 msgid "The following values are allowed:" msgstr "以下の値が許可されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1910 +#: sssd-ldap.5.xml:1870 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -4977,7 +5063,7 @@ msgstr "" "ldap_user_shadow_expire の値を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1875 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4986,7 +5072,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1922 +#: sssd-ldap.5.xml:1882 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4997,7 +5083,7 @@ msgstr "" "ldap_ns_account_lock の値を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1928 +#: sssd-ldap.5.xml:1888 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5010,7 +5096,7 @@ msgstr "" "クセスが許可されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1897 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5018,28 +5104,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1910 msgid "ldap_access_order (string)" msgstr "ldap_access_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1953 +#: sssd-ldap.5.xml:1913 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "アクセス制御オプションのカンマ区切り一覧です。許可される値は次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1917 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: ldap_access_filter を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:1920 +msgid "" +"<emphasis>lockout</emphasis>: use account locking. If set, this option " +"denies access in case that ldap attribute 'pwdAccountLockedTime' is present " +"and has value of '000001010000Z'. Please see the option ldap_pwdlockout_dn." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1927 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: ldap_account_expire_policy を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1931 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -5048,30 +5142,56 @@ msgstr "" "authorizedService 属性を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1969 +#: sssd-ldap.5.xml:1936 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: アクセス権を決めるために host 属性を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:1940 msgid "Default: filter" msgstr "初期値: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1943 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "値が複数使用されていると設定エラーになることに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1983 +#: sssd-ldap.5.xml:1950 +#, fuzzy +#| msgid "ldap_pwd_policy (string)" +msgid "ldap_pwdlockout_dn (string)" +msgstr "ldap_pwd_policy (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1953 +msgid "" +"This option specifies the DN of password policy entry on LDAP server. Please " +"note that absence of this option in sssd.conf in case of enabled account " +"lockout checking will yield access denied as ppolicy attributes on LDAP " +"server cannot be checked properly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1961 +msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1964 +msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1970 msgid "ldap_deref (string)" msgstr "ldap_deref (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:1973 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -5080,12 +5200,12 @@ msgstr "" "ションが許容されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:1978 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis>: エイリアスが参照解決されません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:1982 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -5094,7 +5214,7 @@ msgstr "" "決されますが、検索のベースオブジェクトの位置を探すときはされません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:1987 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -5103,7 +5223,7 @@ msgstr "" "すときのみ参照解決されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2005 +#: sssd-ldap.5.xml:1992 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -5112,7 +5232,7 @@ msgstr "" "きも位置を検索するときも参照解決されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2010 +#: sssd-ldap.5.xml:1997 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -5121,19 +5241,19 @@ msgstr "" "して取り扱われます)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2018 +#: sssd-ldap.5.xml:2005 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2008 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2012 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -5144,7 +5264,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2036 +#: sssd-ldap.5.xml:2023 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -5167,12 +5287,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2052 +#: sssd-ldap.5.xml:2039 msgid "SUDO OPTIONS" msgstr "SUDO オプション" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2054 +#: sssd-ldap.5.xml:2041 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -5180,52 +5300,52 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2052 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2055 msgid "The object class of a sudo rule entry in LDAP." msgstr "LDAP にある sudo ルールエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2071 +#: sssd-ldap.5.xml:2058 msgid "Default: sudoRole" msgstr "初期値: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2064 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2067 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "sudo ルール名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2090 +#: sssd-ldap.5.xml:2077 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2080 msgid "The LDAP attribute that corresponds to the command name." msgstr "コマンド名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2097 +#: sssd-ldap.5.xml:2084 msgid "Default: sudoCommand" msgstr "初期値: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2103 +#: sssd-ldap.5.xml:2090 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2093 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -5234,17 +5354,17 @@ msgstr "" "クグループ)に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2111 +#: sssd-ldap.5.xml:2098 msgid "Default: sudoHost" msgstr "初期値: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2117 +#: sssd-ldap.5.xml:2104 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2120 +#: sssd-ldap.5.xml:2107 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -5253,49 +5373,49 @@ msgstr "" "る LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2111 msgid "Default: sudoUser" msgstr "初期値: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2130 +#: sssd-ldap.5.xml:2117 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2133 +#: sssd-ldap.5.xml:2120 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "sudo オプションに対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2137 +#: sssd-ldap.5.xml:2124 msgid "Default: sudoOption" msgstr "初期値: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2143 +#: sssd-ldap.5.xml:2130 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2146 +#: sssd-ldap.5.xml:2133 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "コマンドを実行するユーザー名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2150 +#: sssd-ldap.5.xml:2137 msgid "Default: sudoRunAsUser" msgstr "初期値: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2143 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2146 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -5303,34 +5423,34 @@ msgstr "" "コマンドを実行するグループ名またはグループの GID に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2150 msgid "Default: sudoRunAsGroup" msgstr "初期値: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2156 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2159 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "sudo ルールが有効になる開始日時に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2176 +#: sssd-ldap.5.xml:2163 msgid "Default: sudoNotBefore" msgstr "初期値: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2182 +#: sssd-ldap.5.xml:2169 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2172 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." @@ -5339,39 +5459,39 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2177 msgid "Default: sudoNotAfter" msgstr "初期値: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2183 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2199 +#: sssd-ldap.5.xml:2186 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "ルールの並び替えインデックスに対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2203 +#: sssd-ldap.5.xml:2190 msgid "Default: sudoOrder" msgstr "初期値: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:2196 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2199 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2204 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -5380,17 +5500,17 @@ msgstr "" "ります" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2209 msgid "Default: 21600 (6 hours)" msgstr "初期値: 21600 (6 時間)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2215 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2218 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -5398,31 +5518,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2237 +#: sssd-ldap.5.xml:2224 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2234 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2237 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2248 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2264 +#: sssd-ldap.5.xml:2251 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -5431,15 +5551,15 @@ msgstr "" "区切り一覧です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2256 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2315 -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2261 sssd-ldap.5.xml:2284 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2320 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -5448,17 +5568,17 @@ msgstr "" "ならば、このオプションは効果を持ちません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2279 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2266 sssd-ldap.5.xml:2289 msgid "Default: not specified" msgstr "初期値: 指定なし" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2272 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2288 +#: sssd-ldap.5.xml:2275 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -5467,7 +5587,7 @@ msgstr "" "アドレスの空白区切り一覧です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2293 +#: sssd-ldap.5.xml:2280 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -5475,31 +5595,31 @@ msgstr "" "このオプションが空白ならば、SSSD は自動的にアドレスを検索しようとします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2295 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2311 +#: sssd-ldap.5.xml:2298 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2326 +#: sssd-ldap.5.xml:2313 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2316 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2345 +#: sssd-ldap.5.xml:2332 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -5511,74 +5631,74 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> を参照してください" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2342 msgid "AUTOFS OPTIONS" msgstr "AUTOFS オプション" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2344 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "初期値は RFC2307 の標準スキーマに対応することに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2350 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2366 +#: sssd-ldap.5.xml:2353 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2369 +#: sssd-ldap.5.xml:2356 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2376 +#: sssd-ldap.5.xml:2363 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2379 sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2392 msgid "The object class of an automount map entry in LDAP." msgstr "LDAP にある automount マップエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2369 sssd-ldap.5.xml:2396 msgid "Default: automountMap" msgstr "初期値: automountMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2376 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2379 msgid "The name of an automount map entry in LDAP." msgstr "LDAP における automount のマップエントリーの名前です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2382 msgid "Default: ou" msgstr "初期値: ou" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2402 +#: sssd-ldap.5.xml:2389 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2416 +#: sssd-ldap.5.xml:2403 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2419 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:2406 sssd-ldap.5.xml:2420 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -5587,17 +5707,17 @@ msgstr "" "ントと対応します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2430 +#: sssd-ldap.5.xml:2417 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2437 +#: sssd-ldap.5.xml:2424 msgid "Default: automountInformation" msgstr "初期値: automountInformation" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2348 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -5606,37 +5726,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2434 msgid "ADVANCED OPTIONS" msgstr "高度なオプション" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2441 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2459 +#: sssd-ldap.5.xml:2446 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2451 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2469 +#: sssd-ldap.5.xml:2456 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2461 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2449 +#: sssd-ldap.5.xml:2436 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -5647,7 +5767,7 @@ msgstr "" "さい。 <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2491 +#: sssd-ldap.5.xml:2478 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -5658,7 +5778,7 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2484 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -5678,20 +5798,20 @@ msgstr "" " cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2496 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 -#: sssd-ad.5.xml:455 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2483 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 +#: sssd-ad.5.xml:800 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2509 sssd_krb5_locator_plugin.8.xml:61 -#: sssd-simple.5.xml:148 sssd-ad.5.xml:470 sssd.8.xml:191 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2496 sssd_krb5_locator_plugin.8.xml:61 +#: sssd-simple.5.xml:148 sssd-ad.5.xml:815 sssd.8.xml:195 sss_seed.8.xml:163 msgid "NOTES" msgstr "注記" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2498 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -6269,7 +6389,7 @@ msgstr "" "使用される完全修飾名を反映しないマシンにおいて設定されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:320 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:665 msgid "dyndns_update (boolean)" msgstr "dyndns_update (論理値)" @@ -6284,7 +6404,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:334 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:679 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -6302,12 +6422,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:345 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:690 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:348 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:693 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -6328,12 +6448,12 @@ msgid "Default: 1200 (seconds)" msgstr "初期値: 1200 (秒)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:359 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:704 msgid "dyndns_iface (string)" msgstr "dyndns_iface (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:362 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:707 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -6375,12 +6495,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:373 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:718 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:376 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:721 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -6388,12 +6508,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:389 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:734 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:392 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:737 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -6412,12 +6532,12 @@ msgid "Default: False (disabled)" msgstr "初期値: False (無効)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:403 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:748 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:406 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:751 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -6426,7 +6546,7 @@ msgstr "" "どうか。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:410 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:755 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -6531,7 +6651,7 @@ msgstr "" "取得された TGT が改ざんされていないかを krb5_keytab の支援で確認します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:359 sssd-ad.5.xml:776 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -6633,7 +6753,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 sssd-ad.5.xml:330 msgid "Default: 5 (seconds)" msgstr "初期値: 5 (秒)" @@ -7122,9 +7242,400 @@ msgstr "" msgid "Default: permissive" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:320 +#, fuzzy +#| msgid "ldap_purge_cache_timeout (integer)" +msgid "ad_gpo_cache_timeout (integer)" +msgstr "ldap_purge_cache_timeout (整数)" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:323 msgid "" +"The amount of time between lookups of GPO policy files against the AD " +"server. This will reduce the latency and load on the AD server if there are " +"many access-control requests made in a short period." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:336 +#, fuzzy +#| msgid "ad_domain (string)" +msgid "ad_gpo_map_interactive (string)" +msgstr "ad_domain (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:339 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the InteractiveLogonRight and " +"DenyInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:354 +#, no-wrap +msgid "" +" ad_gpo_map_interactive = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:345 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>login</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:358 sssd-ad.5.xml:423 sssd-ad.5.xml:458 sssd-ad.5.xml:498 +#: sssd-ad.5.xml:559 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:362 +#, fuzzy +#| msgid "login UID" +msgid "login" +msgstr "ログイン UID" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:367 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:372 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:377 +msgid "gdm-fingerprint" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:382 +#, fuzzy +#| msgid "password" +msgid "gdm-password" +msgstr "password" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:387 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:392 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:401 +#, fuzzy +#| msgid "ldap_user_shadow_inactive (string)" +msgid "ad_gpo_map_remote_interactive (string)" +msgstr "ldap_user_shadow_inactive (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:404 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the RemoteInteractiveLogonRight and " +"DenyRemoteInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:419 +#, no-wrap +msgid "" +" ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:410 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>sshd</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:427 +msgid "sshd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:436 +#, fuzzy +#| msgid "ad_domain (string)" +msgid "ad_gpo_map_network (string)" +msgstr "ad_domain (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:439 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the NetworkLogonRight and " +"DenyNetworkLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:454 +#, no-wrap +msgid "" +" ad_gpo_map_network = +my_pam_service, -ftp\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>ftp</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:462 +msgid "ftp" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:467 +msgid "samba" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:476 +#, fuzzy +#| msgid "ad_domain (string)" +msgid "ad_gpo_map_batch (string)" +msgstr "ad_domain (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:479 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " +"policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:494 +#, no-wrap +msgid "" +" ad_gpo_map_batch = +my_pam_service, -crond\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:485 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>crond</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:502 +msgid "crond" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:511 +#, fuzzy +#| msgid "ldap_service_name (string)" +msgid "ad_gpo_map_service (string)" +msgstr "ldap_service_name (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:514 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the ServiceLogonRight and " +"DenyServiceLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:528 +#, no-wrap +msgid "" +" ad_gpo_map_service = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:520 sssd-ad.5.xml:585 +msgid "" +"It is possible to add a PAM service name to the default set by using <quote>" +"+service_name</quote>. Since the default set is empty, it is not possible " +"to remove a PAM service name from the default set. For example, in order to " +"add a custom pam service name (e.g. <quote>my_pam_service</quote>), you " +"would use the following configuration: <placeholder type=\"programlisting\" " +"id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:538 +#, fuzzy +#| msgid "ad_domain (string)" +msgid "ad_gpo_map_permit (string)" +msgstr "ad_domain (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:541 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always granted, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:555 +#, no-wrap +msgid "" +" ad_gpo_map_permit = +my_pam_service, -sudo\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:546 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for unconditionally permitted " +"access (e.g. <quote>sudo</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:563 +#, fuzzy +#| msgid "sssd-sudo" +msgid "sudo" +msgstr "sssd-sudo" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:568 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:577 +#, fuzzy +#| msgid "ad_domain (string)" +msgid "ad_gpo_map_deny (string)" +msgstr "ad_domain (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:580 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always denied, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:593 +#, no-wrap +msgid "" +" ad_gpo_map_deny = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:603 +#, fuzzy +#| msgid "ldap_default_authtok (string)" +msgid "ad_gpo_default_right (string)" +msgstr "ldap_default_authtok (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:606 +msgid "" +"This option defines how access control is evaluated for PAM service names " +"that are not explicitly listed in one of the ad_gpo_map_* options. This " +"option can be set in two different manners. First, this option can be set to " +"use a default logon right. For example, if this option is set to " +"'interactive', it means that unmapped PAM service names will be processed " +"based on the InteractiveLogonRight and DenyInteractiveLogonRight policy " +"settings. Alternatively, this option can be set to either always permit or " +"always deny access for unmapped PAM service names." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:619 +msgid "Supported values for this option include:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:623 +msgid "interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:628 +msgid "remote_interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:633 +msgid "network" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:638 +msgid "batch" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:643 +#, fuzzy +#| msgid "services" +msgid "service" +msgstr "services" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:648 +msgid "permit" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:653 +msgid "deny" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:659 +#, fuzzy +#| msgid "Default: cn" +msgid "Default: deny" +msgstr "初期値: cn" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:668 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -7134,22 +7645,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:353 +#: sssd-ad.5.xml:698 msgid "Default: 3600 (seconds)" msgstr "初期値: 3600 (秒)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:712 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "初期値: AD の LDAP 接続の IP アドレスを使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:419 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:764 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "krb5_use_enterprise_principal (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:422 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:767 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." @@ -7159,7 +7670,7 @@ msgstr "" "してください。" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:449 +#: sssd-ad.5.xml:794 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -7170,7 +7681,7 @@ msgstr "" "AD プロバイダー固有のオプションのみ示してします。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:456 +#: sssd-ad.5.xml:801 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -7194,7 +7705,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:476 +#: sssd-ad.5.xml:821 #, no-wrap msgid "" "access_provider = ldap\n" @@ -7206,7 +7717,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:817 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -7214,10 +7725,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:482 +#: sssd-ad.5.xml:827 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " -"configured, the default access provider is <quote>permit</quote>." +"configured, the default access provider is <quote>permit</quote>. Please " +"note that if you configure an access provider other than <quote>ad</quote>, " +"you need to set all the connection parameters (such as LDAP URIs and " +"encryption details) manually." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> @@ -7628,27 +8142,32 @@ msgstr "SIGUSR1" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." +"Tells the SSSD to simulate offline operation for the duration of the " +"<quote>offline_timeout</quote> parameter. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" -"SSSD に 1 分間オフライン操作をシミュレーションするよう指示します。テスト目的" -"のためにほぼ有用です。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 +#: sssd.8.xml:182 msgid "SIGUSR2" msgstr "SIGUSR2" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 +#: sssd.8.xml:185 +#, fuzzy +#| msgid "" +#| "Tells the SSSD to go online immediately. This is mostly useful for " +#| "testing purposes." msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." +"Tells the SSSD to go online immediately. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" "SSSD に直ちにオンラインになるよう指示します。テスト目的のためにほぼ有用です。" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 +#: sssd.8.xml:197 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -9010,6 +9529,45 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:162 +#, fuzzy +#| msgid "" +#| "<option>-u</option>,<option>--user</option> <replaceable>login</" +#| "replaceable>" +msgid "" +"<option>-h</option>,<option>--ssh-host</option> <replaceable>hostname</" +"replaceable>" +msgstr "" +"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:167 +#, fuzzy +#| msgid "Invalidate specific user." +msgid "Invalidate SSH public keys of a specific host." +msgstr "特定のユーザーを無効にします。" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:173 +#, fuzzy +#| msgid "<option>-s</option>,<option>--stdin</option>" +msgid "<option>-H</option>,<option>--ssh-hosts</option>" +msgstr "<option>-s</option>,<option>--stdin</option>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:177 +#, fuzzy +#| msgid "" +#| "Invalidate all autofs maps. This option overrides invalidation of " +#| "specific map if it was also set." +msgid "" +"Invalidate SSH public keys of all hosts. This option overrides invalidation " +"of SSH public keys of specific host if it was also set." +msgstr "" +"すべての autofs マップを無効化します。このオプションは特定のマップが設定され" +"ていても、その無効化を上書きします。" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:185 msgid "" "<option>-d</option>,<option>--domain</option> <replaceable>domain</" "replaceable>" @@ -9018,7 +9576,7 @@ msgstr "" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_cache.8.xml:167 +#: sss_cache.8.xml:190 msgid "Restrict invalidation process only to a particular domain." msgstr "無効化プロセスを特定のドメインのみに制限します。" @@ -9333,6 +9891,182 @@ msgstr "" msgid "Default: not set. Only the default set of POSIX attributes is allowed." msgstr "" +#. type: Content of: <reference><refentry><refentryinfo> +#: sss_rpcidmapd.5.xml:8 +msgid "" +"<productname>sss rpc.idmapd plugin</productname> <author> <firstname>Noam</" +"firstname> <surname>Meltzer</surname> <affiliation> <orgname>Primary Data " +"Inc.</orgname> </affiliation> <contrib>Developer (2013-2014)</contrib> </" +"author> <author> <firstname>Noam</firstname> <surname>Meltzer</surname> " +"<contrib>Developer (2014-)</contrib> <email>tsnoam@gmail.com</email> </" +"author>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_rpcidmapd.5.xml:26 sss_rpcidmapd.5.xml:32 +#, fuzzy +#| msgid "sss_groupmod" +msgid "sss_rpcidmapd" +msgstr "sss_groupmod" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_rpcidmapd.5.xml:33 +msgid "sss plugin configuration directives for rpc.idmapd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:37 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "CONFIGURATION FILE" +msgstr "設定オプション" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:39 +#, fuzzy +#| msgid "" +#| "Specifies acceptable cipher suites. Typically this is a colon sperated " +#| "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " +#| "<manvolnum>5</manvolnum></citerefentry> for format." +msgid "" +"rpc.idmapd configuration file is usually found at <emphasis>/etc/idmapd." +"conf</emphasis>. See <citerefentry> <refentrytitle>idmapd.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more information." +msgstr "" +"利用可能な暗号機能を指定します。これは一般的にコロン区切りの一覧です。形式に" +"ついては <citerefentry><refentrytitle>ldap.conf</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> を参照してください。" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:49 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "SSS CONFIGURATION EXTENSION" +msgstr "設定オプション" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:51 +msgid "Enable SSS plugin" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:53 +msgid "" +"In section <quote>[Translation]</quote>, modify/set <quote>Method</quote> " +"attribute to contain <emphasis>sss</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:59 +#, fuzzy +#| msgid "The [sssd] section" +msgid "[sss] config section" +msgstr "[sssd] セクション" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:61 +msgid "" +"In order to change the default of one of the configuration attributes of the " +"<emphasis>sss</emphasis> plugin listed below you will need to create a " +"config section for it, named <quote>[sss]</quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> +#: sss_rpcidmapd.5.xml:67 +#, fuzzy +#| msgid "Configuration" +msgid "Configuration attributes" +msgstr "設定" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sss_rpcidmapd.5.xml:69 +#, fuzzy +#| msgid "enumerate (bool)" +msgid "memcache (bool)" +msgstr "enumerate (論理値)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sss_rpcidmapd.5.xml:72 +msgid "Indicates whether or not to use memcache optimisation technique." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:85 +msgid "SSSD INTEGRATION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:87 +msgid "" +"The sss plugin requires the <emphasis>NSS Responder</emphasis> to be enabled " +"in sssd." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:91 +msgid "" +"The attribute <quote>use_fully_qualified_names</quote> must be enabled on " +"all domains (NFSv4 clients expect a fully qualified name to be sent on the " +"wire)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_rpcidmapd.5.xml:103 +#, no-wrap +msgid "" +"[General]\n" +"Verbosity = 2\n" +"# domain must be synced between NFSv4 server and clients\n" +"# Solaris/Illumos/AIX use \"localdomain\" as default!\n" +"Domain = default\n" +"\n" +"[Mapping]\n" +"Nobody-User = nfsnobody\n" +"Nobody-Group = nfsnobody\n" +"\n" +"[Translation]\n" +"Method = sss\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:100 +#, fuzzy +#| msgid "" +#| "The following expansions are supported: <placeholder type=\"variablelist" +#| "\" id=\"0\"/>" +msgid "" +"The following example shows a minimal idmapd.conf which makes use of the sss " +"plugin. <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" +"以下の拡張モジュールがサポートされます: <placeholder type=\"variablelist\" " +"id=\"0\"/>" + +#. type: Content of: <refsect1><title> +#: sss_rpcidmapd.5.xml:120 include/seealso.xml:2 +msgid "SEE ALSO" +msgstr "関連項目" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:122 +#, fuzzy +#| msgid "" +#| "The IPA provider accepts the same options used by the <citerefentry> " +#| "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry> identity provider and the <citerefentry> " +#| "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry> authentication provider with some exceptions described " +#| "below." +msgid "" +"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>idmapd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>" +msgstr "" +"IPA プロバイダーは <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> 識別プロバイダーおよび " +"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> 認証プロバイダーにより使用されるものと同じオプショ" +"ンを受け付けます。いくつかの例外は以下に説明されています。" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 msgid "sss_ssh_authorizedkeys" @@ -10254,11 +10988,6 @@ msgid "" "local LDB storage to store users and groups." msgstr "" -#. type: Content of: <refsect1><title> -#: include/seealso.xml:2 -msgid "SEE ALSO" -msgstr "関連項目" - #. type: Content of: <refsect1><para> #: include/seealso.xml:4 msgid "" @@ -10299,7 +11028,9 @@ msgid "" "manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> " "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>. <citerefentry> " +"<refentrytitle>sss_rpcidmapd</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>" msgstr "" #. type: Content of: <listitem><para> @@ -10450,3 +11181,39 @@ msgstr "" #: include/homedir_substring.xml:15 msgid "Default: /home" msgstr "" + +#~ msgid "ldap_user_uuid (string)" +#~ msgstr "ldap_user_uuid (文字列)" + +#~ msgid "" +#~ "The LDAP attribute that contains the UUID/GUID of an LDAP user object." +#~ msgstr "LDAP ユーザーオブジェクトの UUID/GUID を含む LDAP 属性です。" + +#~ msgid "Default: nsUniqueId" +#~ msgstr "初期値: nsUniqueId" + +#~ msgid "ldap_group_uuid (string)" +#~ msgstr "ldap_group_uuid (文字列)" + +#~ msgid "" +#~ "The LDAP attribute that contains the UUID/GUID of an LDAP group object." +#~ msgstr "LDAP グループオブジェクトの UUID/GUID を含む LDAP の属性です。" + +#~ msgid "ldap_netgroup_uuid (string)" +#~ msgstr "ldap_netgroup_uuid (文字列)" + +#~ msgid "" +#~ "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." +#~ msgstr "" +#~ "LDAP ネットワークグループオブジェクトの UUID/GUID を含む LDAP 属性です。" + +#~ msgid "In IPA provider, ipa_netgroup_uuid should be used instead." +#~ msgstr "" +#~ "IPA プロバイダーにおいては ipa_netgroup_uuid が代わりに使用されます。" + +#~ msgid "" +#~ "Tells the SSSD to simulate offline operation for one minute. This is " +#~ "mostly useful for testing purposes." +#~ msgstr "" +#~ "SSSD に 1 分間オフライン操作をシミュレーションするよう指示します。テスト目" +#~ "的のためにほぼ有用です。" diff --git a/src/man/po/lv.po b/src/man/po/lv.po index a58174bf8..b38af553a 100644 --- a/src/man/po/lv.po +++ b/src/man/po/lv.po @@ -9,7 +9,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2014-07-09 19:18+0300\n" +"POT-Creation-Date: 2014-09-08 20:55+0300\n" "PO-Revision-Date: 2014-06-04 18:04+0000\n" "Last-Translator: jhrozek <jhrozek@redhat.com>\n" "Language-Team: Latvian (http://www.transifex.com/projects/p/sssd/language/" @@ -28,8 +28,8 @@ msgstr "" #: sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 #: sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 #: sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5 -#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_ssh_authorizedkeys.1.xml:5 -#: sss_ssh_knownhostsproxy.1.xml:5 +#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_rpcidmapd.5.xml:5 +#: sss_ssh_authorizedkeys.1.xml:5 sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" msgstr "" @@ -125,14 +125,14 @@ msgstr "sssd.conf" #. type: Content of: <reference><refentry><refmeta><manvolnum> #: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 #: sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11 -#: sssd-ifp.5.xml:11 +#: sssd-ifp.5.xml:11 sss_rpcidmapd.5.xml:27 msgid "5" msgstr "5" #. type: Content of: <reference><refentry><refmeta><refmiscinfo> #: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 #: sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12 -#: sssd-ifp.5.xml:12 +#: sssd-ifp.5.xml:12 sss_rpcidmapd.5.xml:28 msgid "File Formats and Conventions" msgstr "" @@ -224,11 +224,11 @@ msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:79 sssd.conf.5.xml:511 sssd.conf.5.xml:873 -#: sssd-ldap.5.xml:1637 sssd-ldap.5.xml:1734 sssd-ldap.5.xml:1796 -#: sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2320 sssd-ldap.5.xml:2338 +#: sssd.conf.5.xml:79 sssd.conf.5.xml:554 sssd.conf.5.xml:916 +#: sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1756 +#: sssd-ldap.5.xml:2242 sssd-ldap.5.xml:2307 sssd-ldap.5.xml:2325 #: sssd-ipa.5.xml:356 sssd-ipa.5.xml:391 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:339 sssd-ad.5.xml:428 sssd-krb5.5.xml:490 +#: sssd-ad.5.xml:684 sssd-ad.5.xml:773 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "" @@ -243,16 +243,16 @@ msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:90 sssd.conf.5.xml:827 sssd.conf.5.xml:1845 -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:1511 sssd-ldap.5.xml:1530 -#: sssd-ldap.5.xml:1706 sssd-ldap.5.xml:2042 sssd-ipa.5.xml:139 +#: sssd.conf.5.xml:90 sssd.conf.5.xml:870 sssd.conf.5.xml:1933 +#: sssd-ldap.5.xml:678 sssd-ldap.5.xml:1471 sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1666 sssd-ldap.5.xml:2029 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:503 sssd-krb5.5.xml:257 #: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2063 +#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2050 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" @@ -274,7 +274,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1382 +#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1342 msgid "Default: 10" msgstr "Noklusējuma: 10" @@ -289,7 +289,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:2017 msgid "Section parameters" msgstr "" @@ -326,19 +326,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:161 sssd.conf.5.xml:345 +#: sssd.conf.5.xml:161 sssd.conf.5.xml:370 msgid "reconnection_retries (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:164 sssd.conf.5.xml:348 +#: sssd.conf.5.xml:164 sssd.conf.5.xml:373 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:353 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:378 msgid "Default: 3" msgstr "" @@ -358,7 +358,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 sssd.conf.5.xml:1658 +#: sssd.conf.5.xml:189 sssd.conf.5.xml:1719 msgid "re_expression (string)" msgstr "" @@ -378,12 +378,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:206 sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:206 sssd.conf.5.xml:1770 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:209 sssd.conf.5.xml:1773 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -391,39 +391,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:220 sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:220 sssd.conf.5.xml:1784 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:221 sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:221 sssd.conf.5.xml:1785 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:224 sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:224 sssd.conf.5.xml:1788 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:227 sssd.conf.5.xml:1730 +#: sssd.conf.5.xml:227 sssd.conf.5.xml:1791 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:233 sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:233 sssd.conf.5.xml:1797 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:236 sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:236 sssd.conf.5.xml:1800 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:217 sssd.conf.5.xml:1781 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -521,12 +521,42 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:319 sssd-ldap.5.xml:662 sssd-ldap.5.xml:1470 -#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1564 sssd-krb5.5.xml:401 -#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214 +#: sssd.conf.5.xml:319 sssd-ldap.5.xml:649 sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1442 sssd-ldap.5.xml:1524 sssd-ad.5.xml:532 +#: sssd-ad.5.xml:597 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203 +#: include/ldap_id_mapping.xml:214 msgid "Default: not set" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:324 +msgid "override_space (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:327 +msgid "" +"This parameter will replace spaces (space bar) with the given character for " +"user and group names. e.g. (_). User name "john doe" will be " +""john_doe" This feature was added to help compatibility with shell " +"scripts that have difficulty handling spaces, due to the default field " +"separator in the shell." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:336 +msgid "" +"Please note it is a configuration error to use a replacement character that " +"might be used in user or group names. If a name contains the replacement " +"character SSSD tries to return the unmodified name but in general the result " +"of a lookup is undefined." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:344 +msgid "Default: not set (spaces will not be replaced)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:126 msgid "" @@ -539,12 +569,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:355 msgid "SERVICES SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:332 +#: sssd.conf.5.xml:357 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -553,22 +583,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:364 msgid "General service configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:341 +#: sssd.conf.5.xml:366 msgid "These options can be used to configure any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:383 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:361 +#: sssd.conf.5.xml:386 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -578,17 +608,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:370 +#: sssd.conf.5.xml:395 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:375 +#: sssd.conf.5.xml:400 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:378 +#: sssd.conf.5.xml:403 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -596,19 +626,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:385 sssd.conf.5.xml:401 sssd.conf.5.xml:415 -#: sssd.conf.5.xml:632 sssd.conf.5.xml:792 sssd.conf.5.xml:1068 -#: sssd-ldap.5.xml:1212 +#: sssd.conf.5.xml:410 sssd.conf.5.xml:426 sssd.conf.5.xml:458 +#: sssd.conf.5.xml:675 sssd.conf.5.xml:835 sssd.conf.5.xml:1111 +#: sssd-ldap.5.xml:1172 msgid "Default: 60" msgstr "Noklusējuma: 60" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:415 sssd.conf.5.xml:1100 msgid "force_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:393 sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1103 msgid "" "If a service is not responding to ping checks (see the <quote>timeout</" "quote> option), it is first sent the SIGTERM signal that instructs it to " @@ -618,53 +648,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 +#: sssd.conf.5.xml:431 msgid "offline_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:409 +#: sssd.conf.5.xml:434 +msgid "" +"When SSSD switches to offline mode the amount of time before it tries to go " +"back online will increase based upon the time spent disconnected. This " +"value is in seconds and calculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:441 +msgid "offline_timeout + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:444 +msgid "" +"The random offset can increment up to 30 seconds. After each unsuccessful " +"attempt to go online, the new interval is recalculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:449 +msgid "new_interval = old_interval*2 + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:452 msgid "" -"If SSSD is in offline mode, and last attempt to go online was less than " -"number of seconds specified in this option ago, new requests for data will " -"not result in attempt to go online." +"Note that the maximum length of each interval is currently limited to one " +"hour. If the calculated length of new_interval is greater than an hour, it " +"will be forced to one hour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:467 msgid "NSS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:426 +#: sssd.conf.5.xml:469 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:431 +#: sssd.conf.5.xml:474 msgid "enum_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:434 +#: sssd.conf.5.xml:477 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:481 msgid "Default: 120" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:443 +#: sssd.conf.5.xml:486 msgid "entry_cache_nowait_percentage (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:446 +#: sssd.conf.5.xml:489 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -672,7 +727,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:452 +#: sssd.conf.5.xml:495 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -682,7 +737,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:462 +#: sssd.conf.5.xml:505 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -691,17 +746,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:470 +#: sssd.conf.5.xml:513 msgid "Default: 50" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:518 msgid "entry_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:478 +#: sssd.conf.5.xml:521 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -709,17 +764,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:484 sssd.conf.5.xml:851 +#: sssd.conf.5.xml:527 sssd.conf.5.xml:894 msgid "Default: 15" msgstr "Noklusējuma: 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:489 +#: sssd.conf.5.xml:532 msgid "filter_users, filter_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:492 +#: sssd.conf.5.xml:535 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set per-" @@ -728,41 +783,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:499 +#: sssd.conf.5.xml:542 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:504 +#: sssd.conf.5.xml:547 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:507 +#: sssd.conf.5.xml:550 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:561 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:521 +#: sssd.conf.5.xml:564 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:569 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:532 +#: sssd.conf.5.xml:575 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -770,22 +825,22 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:530 include/override_homedir.xml:51 +#: sssd.conf.5.xml:573 include/override_homedir.xml:51 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:579 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:542 +#: sssd.conf.5.xml:585 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:545 +#: sssd.conf.5.xml:588 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -793,186 +848,186 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 +#: sssd.conf.5.xml:594 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:557 +#: sssd.conf.5.xml:600 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:560 +#: sssd.conf.5.xml:603 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:563 +#: sssd.conf.5.xml:606 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:567 +#: sssd.conf.5.xml:610 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:572 +#: sssd.conf.5.xml:615 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:577 +#: sssd.conf.5.xml:620 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:580 +#: sssd.conf.5.xml:623 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:627 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:589 +#: sssd.conf.5.xml:632 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:592 +#: sssd.conf.5.xml:635 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:597 +#: sssd.conf.5.xml:640 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:643 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:604 +#: sssd.conf.5.xml:647 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:652 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:655 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:618 +#: sssd.conf.5.xml:661 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:625 sssd.conf.5.xml:785 +#: sssd.conf.5.xml:668 sssd.conf.5.xml:828 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 sssd.conf.5.xml:788 +#: sssd.conf.5.xml:671 sssd.conf.5.xml:831 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:637 +#: sssd.conf.5.xml:680 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:640 +#: sssd.conf.5.xml:683 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 sssd-ldap.5.xml:702 +#: sssd.conf.5.xml:687 sssd-ldap.5.xml:692 msgid "Default: 300" msgstr "Noklusējuma: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:651 +#: sssd.conf.5.xml:694 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:653 +#: sssd.conf.5.xml:696 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:701 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:704 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 sssd.conf.5.xml:679 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:722 msgid "Default: 0 (No limit)" msgstr "Noklusējuma: 0 (bez ierobežojuma)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:672 +#: sssd.conf.5.xml:715 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:675 +#: sssd.conf.5.xml:718 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:685 +#: sssd.conf.5.xml:728 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:688 +#: sssd.conf.5.xml:731 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:693 +#: sssd.conf.5.xml:736 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -980,59 +1035,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 sssd.conf.5.xml:752 +#: sssd.conf.5.xml:742 sssd.conf.5.xml:795 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:705 +#: sssd.conf.5.xml:748 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:751 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:713 +#: sssd.conf.5.xml:756 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:716 +#: sssd.conf.5.xml:759 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:719 +#: sssd.conf.5.xml:762 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:723 +#: sssd.conf.5.xml:766 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:769 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:730 sssd.8.xml:63 +#: sssd.conf.5.xml:773 sssd.8.xml:63 msgid "Default: 1" msgstr "Noklusējuma: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:735 +#: sssd.conf.5.xml:778 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:738 +#: sssd.conf.5.xml:781 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1040,7 +1095,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:744 +#: sssd.conf.5.xml:787 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1049,17 +1104,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:758 +#: sssd.conf.5.xml:801 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:761 sssd.conf.5.xml:1235 +#: sssd.conf.5.xml:804 sssd.conf.5.xml:1292 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:807 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1067,31 +1122,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 sssd.conf.5.xml:1238 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1295 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:818 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 sssd.8.xml:79 +#: sssd.conf.5.xml:823 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:800 +#: sssd.conf.5.xml:843 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:845 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1102,34 +1157,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:862 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:822 +#: sssd.conf.5.xml:865 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:878 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:880 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:884 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:887 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1137,51 +1192,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:903 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:862 +#: sssd.conf.5.xml:905 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:866 +#: sssd.conf.5.xml:909 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:869 +#: sssd.conf.5.xml:912 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:921 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:881 +#: sssd.conf.5.xml:924 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:928 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:893 +#: sssd.conf.5.xml:936 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:938 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1193,7 +1248,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:904 +#: sssd.conf.5.xml:947 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1204,24 +1259,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:955 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:961 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:922 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:965 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:968 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1229,12 +1284,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:974 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:978 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1243,24 +1298,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:949 +#: sssd.conf.5.xml:992 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:999 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:1002 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 +#: sssd.conf.5.xml:1007 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1269,47 +1324,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1014 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:1018 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:981 +#: sssd.conf.5.xml:1024 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:984 +#: sssd.conf.5.xml:1027 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:988 +#: sssd.conf.5.xml:1031 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 +#: sssd.conf.5.xml:1034 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 sssd.conf.5.xml:1212 sssd.conf.5.xml:1321 -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1037 sssd.conf.5.xml:1269 sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1395 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1040 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1321,14 +1376,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1053 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1015 +#: sssd.conf.5.xml:1058 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1337,39 +1392,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1023 +#: sssd.conf.5.xml:1066 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1074 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1081 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1082 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1085 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1086 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1077 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -1378,24 +1433,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd-ldap.5.xml:1765 +#: sssd.conf.5.xml:1094 sssd-ldap.5.xml:1725 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1117 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1077 +#: sssd.conf.5.xml:1120 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1124 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -1406,137 +1461,152 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1094 +#: sssd.conf.5.xml:1137 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1100 +#: sssd.conf.5.xml:1143 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1103 +#: sssd.conf.5.xml:1146 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 sssd.conf.5.xml:1120 sssd.conf.5.xml:1133 -#: sssd.conf.5.xml:1146 sssd.conf.5.xml:1159 sssd.conf.5.xml:1173 +#: sssd.conf.5.xml:1150 sssd.conf.5.xml:1163 sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1202 sssd.conf.5.xml:1216 +#: sssd.conf.5.xml:1230 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1156 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1116 +#: sssd.conf.5.xml:1159 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1169 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1172 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1182 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1142 +#: sssd.conf.5.xml:1185 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1195 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1198 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1208 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1211 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1222 +#, fuzzy +#| msgid "timeout (integer)" +msgid "entry_cache_ssh_host_timeout (integer)" +msgstr "noildze (vesels skaitlis)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1225 +msgid "" +"How many seconds to keep a host ssh key after refresh. IE how long to cache " +"the host key for." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1236 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1239 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1187 +#: sssd.conf.5.xml:1244 msgid "Currently only refreshing expired netgroups is supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1248 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1195 sssd-ipa.5.xml:221 +#: sssd.conf.5.xml:1252 sssd-ipa.5.xml:221 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1201 +#: sssd.conf.5.xml:1258 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1261 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1208 +#: sssd.conf.5.xml:1265 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1217 +#: sssd.conf.5.xml:1274 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1220 +#: sssd.conf.5.xml:1277 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1545,17 +1615,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1284 msgid "Default: 0 (unlimited)" msgstr "Noklusējuma: 0 (neierobežots)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1232 +#: sssd.conf.5.xml:1289 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1243 +#: sssd.conf.5.xml:1300 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1564,33 +1634,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1307 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1256 +#: sssd.conf.5.xml:1313 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1259 +#: sssd.conf.5.xml:1316 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1320 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:1441 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 +#: sssd.conf.5.xml:1327 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1598,8 +1668,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 sssd.conf.5.xml:1364 sssd.conf.5.xml:1415 -#: sssd.conf.5.xml:1468 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1421 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1529 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1608,8 +1678,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1373 sssd.conf.5.xml:1424 -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1344 sssd.conf.5.xml:1430 sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1538 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1617,19 +1687,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1355 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1301 +#: sssd.conf.5.xml:1358 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1363 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1638,7 +1708,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1371 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -1646,17 +1716,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1326 +#: sssd.conf.5.xml:1383 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1329 +#: sssd.conf.5.xml:1386 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1332 +#: sssd.conf.5.xml:1389 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -1664,19 +1734,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1343 +#: sssd.conf.5.xml:1400 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1346 +#: sssd.conf.5.xml:1403 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1469 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1684,7 +1754,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1414 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1692,30 +1762,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1438 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1445 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1387 +#: sssd.conf.5.xml:1448 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1393 +#: sssd.conf.5.xml:1454 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1396 +#: sssd.conf.5.xml:1457 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1723,19 +1793,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1463 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1466 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1493 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1744,24 +1814,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1439 +#: sssd.conf.5.xml:1500 msgid "Default: <quote>permit</quote>" msgstr "Noklusējuma: <quote>atļaut</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1444 +#: sssd.conf.5.xml:1505 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1508 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1452 +#: sssd.conf.5.xml:1513 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1769,7 +1839,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1521 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1777,35 +1847,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1546 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1550 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1553 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1560 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1563 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1506 +#: sssd.conf.5.xml:1567 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1813,32 +1883,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1514 +#: sssd.conf.5.xml:1575 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1579 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1522 +#: sssd.conf.5.xml:1583 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1525 sssd.conf.5.xml:1594 sssd.conf.5.xml:1626 -#: sssd.conf.5.xml:1651 +#: sssd.conf.5.xml:1586 sssd.conf.5.xml:1655 sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1712 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1590 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -1849,12 +1919,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1607 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1610 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -1862,7 +1932,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1555 +#: sssd.conf.5.xml:1616 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1870,31 +1940,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1624 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1566 +#: sssd.conf.5.xml:1627 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1633 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1636 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1581 +#: sssd.conf.5.xml:1642 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1902,23 +1972,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1651 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 +#: sssd.conf.5.xml:1662 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 +#: sssd.conf.5.xml:1665 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1669 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1926,7 +1996,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1615 +#: sssd.conf.5.xml:1676 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1934,24 +2004,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 +#: sssd.conf.5.xml:1684 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1694 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1697 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1640 +#: sssd.conf.5.xml:1701 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1959,12 +2029,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1709 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 +#: sssd.conf.5.xml:1722 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -1974,7 +2044,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1731 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -1983,29 +2053,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1736 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1739 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1681 +#: sssd.conf.5.xml:1742 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1745 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1750 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -2013,7 +2083,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1695 +#: sssd.conf.5.xml:1756 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -2021,66 +2091,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1763 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1749 +#: sssd.conf.5.xml:1810 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Noklusējuma: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1816 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1819 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1762 +#: sssd.conf.5.xml:1823 msgid "Supported values:" msgstr "Atbalstītās vērtības:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1826 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1829 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1832 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1835 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1838 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1844 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1847 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -2088,62 +2158,95 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1792 sssd-ldap.5.xml:1196 sssd-ldap.5.xml:1238 -#: sssd-ldap.5.xml:1253 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1853 sssd-ldap.5.xml:1156 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1213 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "Noklusējuma: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1859 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1801 +#: sssd.conf.5.xml:1862 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1866 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1811 +#: sssd.conf.5.xml:1872 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1875 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1820 -msgid "case_sensitive (boolean)" +#: sssd.conf.5.xml:1881 +msgid "case_sensitive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1889 +msgid "True" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1892 +msgid "Case sensitive. This value is invalid for AD provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1898 +msgid "False" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1900 +msgid "Case insensitive." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1904 +msgid "Preserving" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1907 +msgid "" +"Same as False (case insensitive), but does not lowercase names in the output " +"of getpwnam and getgrnam." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1884 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." +"not supported in the local provider. Possible option values are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1828 sssd-ldap.5.xml:1020 sssd-ad.5.xml:397 -msgid "Default: True" +#: sssd.conf.5.xml:1916 +msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1922 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 +#: sssd.conf.5.xml:1925 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -2152,22 +2255,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1851 +#: sssd.conf.5.xml:1939 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1950 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1951 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1854 +#: sssd.conf.5.xml:1942 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -2177,29 +2280,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1956 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1960 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1877 +#: sssd.conf.5.xml:1965 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1880 +#: sssd.conf.5.xml:1968 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:994 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2207,29 +2310,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1893 +#: sssd.conf.5.xml:1981 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1896 +#: sssd.conf.5.xml:1984 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1899 +#: sssd.conf.5.xml:1987 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1995 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1998 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2237,19 +2340,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1977 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1922 +#: sssd.conf.5.xml:2010 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:2012 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2257,73 +2360,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1931 +#: sssd.conf.5.xml:2019 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:2022 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1938 +#: sssd.conf.5.xml:2026 msgid "Default: <filename>/bin/bash</filename>" msgstr "Noklusējuma: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1943 +#: sssd.conf.5.xml:2031 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2034 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:2039 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1956 +#: sssd.conf.5.xml:2044 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2047 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1963 sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2051 sssd.conf.5.xml:2063 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1968 +#: sssd.conf.5.xml:2056 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:2059 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1980 +#: sssd.conf.5.xml:2068 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1983 +#: sssd.conf.5.xml:2071 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2331,17 +2434,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:2079 msgid "Default: 077" msgstr "Noklusējuma: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:2084 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1999 +#: sssd.conf.5.xml:2087 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2350,17 +2453,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2009 +#: sssd.conf.5.xml:2097 msgid "Default: <filename>/etc/skel</filename>" msgstr "Noklusējuma: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2102 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2105 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2368,17 +2471,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2112 msgid "Default: <filename>/var/mail</filename>" msgstr "Noklusējuma: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2117 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2032 +#: sssd.conf.5.xml:2120 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2386,18 +2489,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2126 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2048 sssd-ldap.5.xml:2489 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:552 sssd-ad.5.xml:447 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:2136 sssd-ldap.5.xml:2476 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:552 sssd-ad.5.xml:792 sssd-krb5.5.xml:519 +#: sss_rpcidmapd.5.xml:98 msgid "EXAMPLE" msgstr "PIEMĒRS" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2142 #, no-wrap msgid "" "[sssd]\n" @@ -2427,7 +2531,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2050 +#: sssd.conf.5.xml:2138 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2573,7 +2677,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:645 sssd-ad.5.xml:212 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:632 sssd-ad.5.xml:212 msgid "Examples:" msgstr "" @@ -2773,7 +2877,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:830 msgid "Default: gidNumber" msgstr "" @@ -2824,60 +2928,45 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:341 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:344 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:866 sssd-ldap.5.xml:1103 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:354 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:344 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:880 +#: sssd-ldap.5.xml:349 sssd-ldap.5.xml:857 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:369 +#: sssd-ldap.5.xml:356 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:890 sssd-ldap.5.xml:1112 +#: sssd-ldap.5.xml:359 sssd-ldap.5.xml:867 sssd-ldap.5.xml:1072 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:894 sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:363 sssd-ldap.5.xml:871 sssd-ldap.5.xml:1079 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:382 +#: sssd-ldap.5.xml:369 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:385 +#: sssd-ldap.5.xml:372 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2886,17 +2975,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:382 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:401 +#: sssd-ldap.5.xml:388 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:391 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2905,17 +2994,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:413 +#: sssd-ldap.5.xml:400 msgid "Default: shadowMin" msgstr "Noklusējuma: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:419 +#: sssd-ldap.5.xml:406 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:422 +#: sssd-ldap.5.xml:409 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2924,17 +3013,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 +#: sssd-ldap.5.xml:418 msgid "Default: shadowMax" msgstr "Noklusējuma: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 +#: sssd-ldap.5.xml:424 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 +#: sssd-ldap.5.xml:427 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2943,17 +3032,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 +#: sssd-ldap.5.xml:437 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 +#: sssd-ldap.5.xml:443 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 +#: sssd-ldap.5.xml:446 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2962,17 +3051,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:469 +#: sssd-ldap.5.xml:456 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:475 +#: sssd-ldap.5.xml:462 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:478 +#: sssd-ldap.5.xml:465 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -2981,17 +3070,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:488 +#: sssd-ldap.5.xml:475 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:494 +#: sssd-ldap.5.xml:481 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:497 +#: sssd-ldap.5.xml:484 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -2999,155 +3088,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 +#: sssd-ldap.5.xml:490 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:509 +#: sssd-ldap.5.xml:496 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:512 +#: sssd-ldap.5.xml:499 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:518 +#: sssd-ldap.5.xml:505 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:524 +#: sssd-ldap.5.xml:511 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:519 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:538 +#: sssd-ldap.5.xml:525 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:528 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:546 +#: sssd-ldap.5.xml:533 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:552 +#: sssd-ldap.5.xml:539 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:542 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:547 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:553 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:556 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:573 sssd-ldap.5.xml:587 +#: sssd-ldap.5.xml:560 sssd-ldap.5.xml:574 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:579 +#: sssd-ldap.5.xml:566 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:582 +#: sssd-ldap.5.xml:569 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:593 +#: sssd-ldap.5.xml:580 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:583 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:601 +#: sssd-ldap.5.xml:588 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:607 +#: sssd-ldap.5.xml:594 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:597 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:614 +#: sssd-ldap.5.xml:601 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:620 +#: sssd-ldap.5.xml:607 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:623 +#: sssd-ldap.5.xml:610 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:628 +#: sssd-ldap.5.xml:615 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -3157,7 +3246,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:625 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -3165,46 +3254,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 +#: sssd-ldap.5.xml:635 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:638 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:642 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:645 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:655 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:671 +#: sssd-ldap.5.xml:658 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:662 +#, fuzzy +#| msgid "Default: uid" +msgid "Default: sshPublicKey" +msgstr "Noklusējuma: uid" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:668 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:671 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -3213,24 +3309,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:694 +#: sssd-ldap.5.xml:684 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 +#: sssd-ldap.5.xml:687 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:698 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 +#: sssd-ldap.5.xml:701 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -3238,53 +3334,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:707 msgid "Setting this option to zero will disable the cache cleanup operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:721 -msgid "Default: 10800 (12 hours)" +#: sssd-ldap.5.xml:711 +#, fuzzy +#| msgid "Default: 10800 (12 hours)" +msgid "Default: 10800 (3 hours)" msgstr "Noklusējuma: 10800 (12 stundas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:727 +#: sssd-ldap.5.xml:717 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:730 +#: sssd-ldap.5.xml:720 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 sssd-ldap.5.xml:827 sssd-ldap.5.xml:1053 -#: sssd-ldap.5.xml:1144 sssd-ldap.5.xml:2084 sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:724 sssd-ldap.5.xml:817 sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1104 sssd-ldap.5.xml:2071 sssd-ldap.5.xml:2410 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:730 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:743 +#: sssd-ldap.5.xml:733 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:737 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:753 +#: sssd-ldap.5.xml:743 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:756 +#: sssd-ldap.5.xml:746 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -3292,14 +3390,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:763 +#: sssd-ldap.5.xml:753 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:758 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -3307,17 +3405,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:765 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:771 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:784 +#: sssd-ldap.5.xml:774 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -3325,14 +3423,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:790 +#: sssd-ldap.5.xml:780 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:785 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -3340,101 +3438,91 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:802 +#: sssd-ldap.5.xml:792 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:798 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 +#: sssd-ldap.5.xml:801 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:804 msgid "Default: posixGroup" msgstr "Noklusējuma: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:810 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:823 +#: sssd-ldap.5.xml:813 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:823 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:826 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:846 +#: sssd-ldap.5.xml:836 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:849 +#: sssd-ldap.5.xml:839 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:843 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:872 +#: sssd-ldap.5.xml:849 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:875 +#: sssd-ldap.5.xml:852 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:864 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:877 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:880 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:885 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -3442,17 +3530,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:914 +#: sssd-ldap.5.xml:891 msgid "Default: groupType in the AD provider, othewise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:921 +#: sssd-ldap.5.xml:898 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:924 +#: sssd-ldap.5.xml:901 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -3460,7 +3548,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:908 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -3470,7 +3558,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:940 +#: sssd-ldap.5.xml:917 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later it " @@ -3479,17 +3567,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:947 +#: sssd-ldap.5.xml:924 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:930 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:933 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3497,14 +3585,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:939 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 sssd-ldap.5.xml:994 +#: sssd-ldap.5.xml:944 sssd-ldap.5.xml:971 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3512,7 +3600,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:950 sssd-ldap.5.xml:977 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -3521,18 +3609,18 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 sssd-ldap.5.xml:1006 sssd-ldap.5.xml:1311 -#: sssd-ldap.5.xml:1332 sssd-ldap.5.xml:1838 include/ldap_id_mapping.xml:242 +#: sssd-ldap.5.xml:956 sssd-ldap.5.xml:983 sssd-ldap.5.xml:1271 +#: sssd-ldap.5.xml:1292 sssd-ldap.5.xml:1798 include/ldap_id_mapping.xml:242 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:985 +#: sssd-ldap.5.xml:962 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:988 +#: sssd-ldap.5.xml:965 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3540,184 +3628,173 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:989 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1015 +#: sssd-ldap.5.xml:992 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:997 sssd-ad.5.xml:742 sss_rpcidmapd.5.xml:76 +msgid "Default: True" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1003 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1006 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1009 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1013 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1019 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1045 +#: sssd-ldap.5.xml:1022 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1049 +#: sssd-ldap.5.xml:1026 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1059 +#: sssd-ldap.5.xml:1036 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1039 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 +#: sssd-ldap.5.xml:1043 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1047 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1053 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1056 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1116 +#: sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1076 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1086 +#: sssd-ldap.5.xml:1063 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1092 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1095 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1099 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1109 +#: sssd-ldap.5.xml:1069 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1088 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1091 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1097 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1100 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1110 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1113 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1117 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1123 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1166 +#: sssd-ldap.5.xml:1126 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1130 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1176 +#: sssd-ldap.5.xml:1136 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1141 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -3725,7 +3802,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1190 +#: sssd-ldap.5.xml:1150 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -3733,12 +3810,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1162 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1205 +#: sssd-ldap.5.xml:1165 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -3746,12 +3823,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1178 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1181 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -3762,12 +3839,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1204 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:1207 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -3775,12 +3852,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1219 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1262 +#: sssd-ldap.5.xml:1222 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -3789,34 +3866,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:1230 sssd-ldap.5.xml:2228 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1236 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1239 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1244 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1250 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1293 +#: sssd-ldap.5.xml:1253 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -3824,14 +3901,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1259 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1265 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -3839,17 +3916,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1277 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1280 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1323 +#: sssd-ldap.5.xml:1283 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -3859,12 +3936,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1298 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1301 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -3872,17 +3949,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1307 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1314 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1317 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -3890,13 +3967,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1323 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1327 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -3905,7 +3982,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1335 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -3913,26 +3990,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1348 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 +#: sssd-ldap.5.xml:1351 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1397 +#: sssd-ldap.5.xml:1357 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1361 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3940,7 +4017,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1368 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3948,7 +4025,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1374 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -3956,41 +4033,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1380 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1424 +#: sssd-ldap.5.xml:1384 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1390 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1393 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1438 sssd-ldap.5.xml:1456 sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1398 sssd-ldap.5.xml:1416 sssd-ldap.5.xml:1457 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1445 +#: sssd-ldap.5.xml:1405 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1408 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -3999,32 +4076,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1463 +#: sssd-ldap.5.xml:1423 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1466 +#: sssd-ldap.5.xml:1426 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1436 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1439 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1448 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1451 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -4032,24 +4109,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1504 +#: sssd-ldap.5.xml:1464 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1477 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1480 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -4057,17 +4134,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1486 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1496 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1499 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -4078,29 +4155,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1511 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1517 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1530 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1533 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -4109,17 +4186,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1541 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1547 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1590 +#: sssd-ldap.5.xml:1550 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -4127,49 +4204,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1556 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1562 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1565 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1570 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1576 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1619 +#: sssd-ldap.5.xml:1579 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1622 +#: sssd-ldap.5.xml:1582 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1628 +#: sssd-ldap.5.xml:1588 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1631 +#: sssd-ldap.5.xml:1591 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -4177,27 +4254,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1643 +#: sssd-ldap.5.xml:1603 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1606 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 sssd-ad.5.xml:383 +#: sssd-ldap.5.xml:1610 sssd-ad.5.xml:728 msgid "Default: 86400 (24 hours)" msgstr "Noklusējuma: 86400 (24 stundas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 +#: sssd-ldap.5.xml:1619 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4209,7 +4286,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1671 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1631 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4217,7 +4294,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1636 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4225,39 +4302,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1645 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1688 +#: sssd-ldap.5.xml:1648 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1651 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1697 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1657 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1660 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1712 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1672 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1715 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1675 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4267,7 +4344,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1726 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1686 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4275,26 +4352,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1740 +#: sssd-ldap.5.xml:1700 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1703 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1708 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1753 +#: sssd-ldap.5.xml:1713 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4302,7 +4379,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1759 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4310,31 +4387,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1768 +#: sssd-ldap.5.xml:1728 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1736 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1739 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1743 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1788 +#: sssd-ldap.5.xml:1748 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4343,56 +4420,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1762 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 +#: sssd-ldap.5.xml:1765 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1809 +#: sssd-ldap.5.xml:1769 msgid "Default: ldap" msgstr "Noklusējuma: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1775 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1778 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1823 +#: sssd-ldap.5.xml:1783 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1789 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1792 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1804 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1847 +#: sssd-ldap.5.xml:1807 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4408,12 +4485,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1867 +#: sssd-ldap.5.xml:1827 msgid "Example:" msgstr "Piemērs:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1870 +#: sssd-ldap.5.xml:1830 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4422,14 +4499,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1874 +#: sssd-ldap.5.xml:1834 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1839 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4438,24 +4515,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1887 sssd-ldap.5.xml:1944 +#: sssd-ldap.5.xml:1847 sssd-ldap.5.xml:1904 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1853 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1856 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:1860 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4463,19 +4540,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1907 +#: sssd-ldap.5.xml:1867 msgid "The following values are allowed:" msgstr "Atļautas šādas vērtības:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1910 +#: sssd-ldap.5.xml:1870 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1875 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4484,7 +4561,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1922 +#: sssd-ldap.5.xml:1882 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4492,7 +4569,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1928 +#: sssd-ldap.5.xml:1888 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4501,7 +4578,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1897 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -4509,108 +4586,140 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1910 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1953 +#: sssd-ldap.5.xml:1913 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1917 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:1920 +msgid "" +"<emphasis>lockout</emphasis>: use account locking. If set, this option " +"denies access in case that ldap attribute 'pwdAccountLockedTime' is present " +"and has value of '000001010000Z'. Please see the option ldap_pwdlockout_dn." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1927 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1931 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1969 +#: sssd-ldap.5.xml:1936 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:1940 msgid "Default: filter" msgstr "Noklusējuma: filtrēt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1943 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1983 +#: sssd-ldap.5.xml:1950 +msgid "ldap_pwdlockout_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1953 +msgid "" +"This option specifies the DN of password policy entry on LDAP server. Please " +"note that absence of this option in sssd.conf in case of enabled account " +"lockout checking will yield access denied as ppolicy attributes on LDAP " +"server cannot be checked properly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1961 +msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1964 +msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1970 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:1973 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:1978 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:1982 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:1987 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2005 +#: sssd-ldap.5.xml:1992 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2010 +#: sssd-ldap.5.xml:1997 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2018 +#: sssd-ldap.5.xml:2005 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2008 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2012 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -4621,7 +4730,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2036 +#: sssd-ldap.5.xml:2023 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -4639,12 +4748,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2052 +#: sssd-ldap.5.xml:2039 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2054 +#: sssd-ldap.5.xml:2041 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -4652,208 +4761,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2052 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2055 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2071 +#: sssd-ldap.5.xml:2058 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2064 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2067 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2090 +#: sssd-ldap.5.xml:2077 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2080 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2097 +#: sssd-ldap.5.xml:2084 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2103 +#: sssd-ldap.5.xml:2090 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2093 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2111 +#: sssd-ldap.5.xml:2098 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2117 +#: sssd-ldap.5.xml:2104 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2120 +#: sssd-ldap.5.xml:2107 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2111 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2130 +#: sssd-ldap.5.xml:2117 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2133 +#: sssd-ldap.5.xml:2120 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2137 +#: sssd-ldap.5.xml:2124 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2143 +#: sssd-ldap.5.xml:2130 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2146 +#: sssd-ldap.5.xml:2133 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2150 +#: sssd-ldap.5.xml:2137 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2143 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2146 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2150 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2156 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2159 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2176 +#: sssd-ldap.5.xml:2163 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2182 +#: sssd-ldap.5.xml:2169 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2172 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2177 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2183 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2199 +#: sssd-ldap.5.xml:2186 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2203 +#: sssd-ldap.5.xml:2190 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:2196 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2199 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2204 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2209 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2215 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2218 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4861,101 +4970,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2237 +#: sssd-ldap.5.xml:2224 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2234 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2237 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2248 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2264 +#: sssd-ldap.5.xml:2251 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2256 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2315 -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2261 sssd-ldap.5.xml:2284 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2320 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2279 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2266 sssd-ldap.5.xml:2289 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2272 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2288 +#: sssd-ldap.5.xml:2275 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2293 +#: sssd-ldap.5.xml:2280 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2295 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2311 +#: sssd-ldap.5.xml:2298 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2326 +#: sssd-ldap.5.xml:2313 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2316 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2345 +#: sssd-ldap.5.xml:2332 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4964,91 +5073,91 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2342 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2344 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2350 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2366 +#: sssd-ldap.5.xml:2353 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2369 +#: sssd-ldap.5.xml:2356 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2376 +#: sssd-ldap.5.xml:2363 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2379 sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2392 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2369 sssd-ldap.5.xml:2396 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2376 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2379 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2382 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2402 +#: sssd-ldap.5.xml:2389 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2416 +#: sssd-ldap.5.xml:2403 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2419 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:2406 sssd-ldap.5.xml:2420 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2430 +#: sssd-ldap.5.xml:2417 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2437 +#: sssd-ldap.5.xml:2424 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2348 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -5057,37 +5166,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2434 msgid "ADVANCED OPTIONS" msgstr "PAPLAŠINĀTĀS IESPĒJAS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2441 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2459 +#: sssd-ldap.5.xml:2446 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2451 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2469 +#: sssd-ldap.5.xml:2456 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2461 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2449 +#: sssd-ldap.5.xml:2436 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -5095,7 +5204,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2491 +#: sssd-ldap.5.xml:2478 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -5103,7 +5212,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2484 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -5116,20 +5225,20 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2496 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 -#: sssd-ad.5.xml:455 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2483 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 +#: sssd-ad.5.xml:800 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2509 sssd_krb5_locator_plugin.8.xml:61 -#: sssd-simple.5.xml:148 sssd-ad.5.xml:470 sssd.8.xml:191 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2496 sssd_krb5_locator_plugin.8.xml:61 +#: sssd-simple.5.xml:148 sssd-ad.5.xml:815 sssd.8.xml:195 sss_seed.8.xml:163 msgid "NOTES" msgstr "PIEZĪMES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2498 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5611,7 +5720,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:320 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:665 msgid "dyndns_update (boolean)" msgstr "" @@ -5626,7 +5735,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:334 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:679 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -5641,12 +5750,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:345 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:690 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:348 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:693 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -5667,12 +5776,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:359 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:704 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:362 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:707 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -5714,12 +5823,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:373 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:718 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:376 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:721 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -5727,12 +5836,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:389 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:734 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:392 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:737 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -5751,19 +5860,19 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:403 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:748 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:406 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:751 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:410 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:755 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -5857,7 +5966,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:359 sssd-ad.5.xml:776 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -5944,7 +6053,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 sssd-ad.5.xml:330 msgid "Default: 5 (seconds)" msgstr "" @@ -6398,9 +6507,380 @@ msgstr "" msgid "Default: permissive" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:320 +#, fuzzy +#| msgid "timeout (integer)" +msgid "ad_gpo_cache_timeout (integer)" +msgstr "noildze (vesels skaitlis)" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:323 msgid "" +"The amount of time between lookups of GPO policy files against the AD " +"server. This will reduce the latency and load on the AD server if there are " +"many access-control requests made in a short period." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:336 +msgid "ad_gpo_map_interactive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:339 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the InteractiveLogonRight and " +"DenyInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:354 +#, no-wrap +msgid "" +" ad_gpo_map_interactive = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:345 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>login</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:358 sssd-ad.5.xml:423 sssd-ad.5.xml:458 sssd-ad.5.xml:498 +#: sssd-ad.5.xml:559 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:362 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:367 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:372 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:377 +msgid "gdm-fingerprint" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:382 +#, fuzzy +#| msgid "password" +msgid "gdm-password" +msgstr "parole" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:387 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:392 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:401 +msgid "ad_gpo_map_remote_interactive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:404 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the RemoteInteractiveLogonRight and " +"DenyRemoteInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:419 +#, no-wrap +msgid "" +" ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:410 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>sshd</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:427 +msgid "sshd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:436 +msgid "ad_gpo_map_network (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:439 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the NetworkLogonRight and " +"DenyNetworkLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:454 +#, no-wrap +msgid "" +" ad_gpo_map_network = +my_pam_service, -ftp\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>ftp</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:462 +msgid "ftp" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:467 +msgid "samba" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:476 +msgid "ad_gpo_map_batch (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:479 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " +"policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:494 +#, no-wrap +msgid "" +" ad_gpo_map_batch = +my_pam_service, -crond\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:485 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>crond</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:502 +msgid "crond" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:511 +msgid "ad_gpo_map_service (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:514 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the ServiceLogonRight and " +"DenyServiceLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:528 +#, no-wrap +msgid "" +" ad_gpo_map_service = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:520 sssd-ad.5.xml:585 +msgid "" +"It is possible to add a PAM service name to the default set by using <quote>" +"+service_name</quote>. Since the default set is empty, it is not possible " +"to remove a PAM service name from the default set. For example, in order to " +"add a custom pam service name (e.g. <quote>my_pam_service</quote>), you " +"would use the following configuration: <placeholder type=\"programlisting\" " +"id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:538 +msgid "ad_gpo_map_permit (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:541 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always granted, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:555 +#, no-wrap +msgid "" +" ad_gpo_map_permit = +my_pam_service, -sudo\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:546 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for unconditionally permitted " +"access (e.g. <quote>sudo</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:563 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:568 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:577 +msgid "ad_gpo_map_deny (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:580 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always denied, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:593 +#, no-wrap +msgid "" +" ad_gpo_map_deny = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:603 +msgid "ad_gpo_default_right (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:606 +msgid "" +"This option defines how access control is evaluated for PAM service names " +"that are not explicitly listed in one of the ad_gpo_map_* options. This " +"option can be set in two different manners. First, this option can be set to " +"use a default logon right. For example, if this option is set to " +"'interactive', it means that unmapped PAM service names will be processed " +"based on the InteractiveLogonRight and DenyInteractiveLogonRight policy " +"settings. Alternatively, this option can be set to either always permit or " +"always deny access for unmapped PAM service names." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:619 +msgid "Supported values for this option include:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:623 +msgid "interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:628 +msgid "remote_interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:633 +msgid "network" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:638 +msgid "batch" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:643 +#, fuzzy +#| msgid "services" +msgid "service" +msgstr "pakalpojumi" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:648 +msgid "permit" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:653 +msgid "deny" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:659 +#, fuzzy +#| msgid "Default: uid" +msgid "Default: deny" +msgstr "Noklusējuma: uid" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:668 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -6410,29 +6890,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:353 +#: sssd-ad.5.xml:698 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:712 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:419 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:764 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:422 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:767 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:449 +#: sssd-ad.5.xml:794 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6440,7 +6920,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:456 +#: sssd-ad.5.xml:801 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -6455,7 +6935,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:476 +#: sssd-ad.5.xml:821 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6464,7 +6944,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:817 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -6472,10 +6952,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:482 +#: sssd-ad.5.xml:827 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " -"configured, the default access provider is <quote>permit</quote>." +"configured, the default access provider is <quote>permit</quote>. Please " +"note that if you configure an access provider other than <quote>ad</quote>, " +"you need to set all the connection parameters (such as LDAP URIs and " +"encryption details) manually." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> @@ -6851,24 +7334,27 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." +"Tells the SSSD to simulate offline operation for the duration of the " +"<quote>offline_timeout</quote> parameter. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 +#: sssd.8.xml:182 msgid "SIGUSR2" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 +#: sssd.8.xml:185 msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." +"Tells the SSSD to go online immediately. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 +#: sssd.8.xml:197 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -8036,12 +8522,36 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:162 msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"<option>-h</option>,<option>--ssh-host</option> <replaceable>hostname</" "replaceable>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:167 +msgid "Invalidate SSH public keys of a specific host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:173 +msgid "<option>-H</option>,<option>--ssh-hosts</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:177 +msgid "" +"Invalidate SSH public keys of all hosts. This option overrides invalidation " +"of SSH public keys of specific host if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:185 +msgid "" +"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:190 msgid "Restrict invalidation process only to a particular domain." msgstr "" @@ -8338,6 +8848,147 @@ msgstr "" msgid "Default: not set. Only the default set of POSIX attributes is allowed." msgstr "" +#. type: Content of: <reference><refentry><refentryinfo> +#: sss_rpcidmapd.5.xml:8 +msgid "" +"<productname>sss rpc.idmapd plugin</productname> <author> <firstname>Noam</" +"firstname> <surname>Meltzer</surname> <affiliation> <orgname>Primary Data " +"Inc.</orgname> </affiliation> <contrib>Developer (2013-2014)</contrib> </" +"author> <author> <firstname>Noam</firstname> <surname>Meltzer</surname> " +"<contrib>Developer (2014-)</contrib> <email>tsnoam@gmail.com</email> </" +"author>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_rpcidmapd.5.xml:26 sss_rpcidmapd.5.xml:32 +msgid "sss_rpcidmapd" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_rpcidmapd.5.xml:33 +msgid "sss plugin configuration directives for rpc.idmapd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:37 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "CONFIGURATION FILE" +msgstr "KONFIGURĒŠANAS IESPĒJAS" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:39 +msgid "" +"rpc.idmapd configuration file is usually found at <emphasis>/etc/idmapd." +"conf</emphasis>. See <citerefentry> <refentrytitle>idmapd.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more information." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:49 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "SSS CONFIGURATION EXTENSION" +msgstr "KONFIGURĒŠANAS IESPĒJAS" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:51 +msgid "Enable SSS plugin" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:53 +msgid "" +"In section <quote>[Translation]</quote>, modify/set <quote>Method</quote> " +"attribute to contain <emphasis>sss</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:59 +msgid "[sss] config section" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:61 +msgid "" +"In order to change the default of one of the configuration attributes of the " +"<emphasis>sss</emphasis> plugin listed below you will need to create a " +"config section for it, named <quote>[sss]</quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> +#: sss_rpcidmapd.5.xml:67 +msgid "Configuration attributes" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sss_rpcidmapd.5.xml:69 +msgid "memcache (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sss_rpcidmapd.5.xml:72 +msgid "Indicates whether or not to use memcache optimisation technique." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:85 +msgid "SSSD INTEGRATION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:87 +msgid "" +"The sss plugin requires the <emphasis>NSS Responder</emphasis> to be enabled " +"in sssd." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:91 +msgid "" +"The attribute <quote>use_fully_qualified_names</quote> must be enabled on " +"all domains (NFSv4 clients expect a fully qualified name to be sent on the " +"wire)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_rpcidmapd.5.xml:103 +#, no-wrap +msgid "" +"[General]\n" +"Verbosity = 2\n" +"# domain must be synced between NFSv4 server and clients\n" +"# Solaris/Illumos/AIX use \"localdomain\" as default!\n" +"Domain = default\n" +"\n" +"[Mapping]\n" +"Nobody-User = nfsnobody\n" +"Nobody-Group = nfsnobody\n" +"\n" +"[Translation]\n" +"Method = sss\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:100 +msgid "" +"The following example shows a minimal idmapd.conf which makes use of the sss " +"plugin. <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <refsect1><title> +#: sss_rpcidmapd.5.xml:120 include/seealso.xml:2 +msgid "SEE ALSO" +msgstr "SKATĪT ARĪ" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:122 +msgid "" +"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>idmapd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>" +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 msgid "sss_ssh_authorizedkeys" @@ -9168,11 +9819,6 @@ msgid "" "local LDB storage to store users and groups." msgstr "" -#. type: Content of: <refsect1><title> -#: include/seealso.xml:2 -msgid "SEE ALSO" -msgstr "SKATĪT ARĪ" - #. type: Content of: <refsect1><para> #: include/seealso.xml:4 msgid "" @@ -9213,7 +9859,9 @@ msgid "" "manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> " "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>. <citerefentry> " +"<refentrytitle>sss_rpcidmapd</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>" msgstr "" #. type: Content of: <listitem><para> diff --git a/src/man/po/nl.po b/src/man/po/nl.po index fe5eec242..c1314006c 100644 --- a/src/man/po/nl.po +++ b/src/man/po/nl.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2014-07-09 19:18+0300\n" +"POT-Creation-Date: 2014-09-08 20:55+0300\n" "PO-Revision-Date: 2014-06-04 18:04+0000\n" "Last-Translator: jhrozek <jhrozek@redhat.com>\n" "Language-Team: Dutch (http://www.transifex.com/projects/p/sssd/language/" @@ -26,8 +26,8 @@ msgstr "" #: sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 #: sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 #: sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5 -#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_ssh_authorizedkeys.1.xml:5 -#: sss_ssh_knownhostsproxy.1.xml:5 +#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_rpcidmapd.5.xml:5 +#: sss_ssh_authorizedkeys.1.xml:5 sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" msgstr "SSSD handleiding" @@ -137,14 +137,14 @@ msgstr "sssd.conf" #. type: Content of: <reference><refentry><refmeta><manvolnum> #: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 #: sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11 -#: sssd-ifp.5.xml:11 +#: sssd-ifp.5.xml:11 sss_rpcidmapd.5.xml:27 msgid "5" msgstr "5" #. type: Content of: <reference><refentry><refmeta><refmiscinfo> #: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 #: sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12 -#: sssd-ifp.5.xml:12 +#: sssd-ifp.5.xml:12 sss_rpcidmapd.5.xml:28 msgid "File Formats and Conventions" msgstr "Bestandsformaten en conventies" @@ -251,11 +251,11 @@ msgid "Add a timestamp to the debug messages" msgstr "Voeg een tijdstempel toe aan de debugberichten" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:79 sssd.conf.5.xml:511 sssd.conf.5.xml:873 -#: sssd-ldap.5.xml:1637 sssd-ldap.5.xml:1734 sssd-ldap.5.xml:1796 -#: sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2320 sssd-ldap.5.xml:2338 +#: sssd.conf.5.xml:79 sssd.conf.5.xml:554 sssd.conf.5.xml:916 +#: sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1756 +#: sssd-ldap.5.xml:2242 sssd-ldap.5.xml:2307 sssd-ldap.5.xml:2325 #: sssd-ipa.5.xml:356 sssd-ipa.5.xml:391 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:339 sssd-ad.5.xml:428 sssd-krb5.5.xml:490 +#: sssd-ad.5.xml:684 sssd-ad.5.xml:773 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "Standaard: true" @@ -270,16 +270,16 @@ msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:90 sssd.conf.5.xml:827 sssd.conf.5.xml:1845 -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:1511 sssd-ldap.5.xml:1530 -#: sssd-ldap.5.xml:1706 sssd-ldap.5.xml:2042 sssd-ipa.5.xml:139 +#: sssd.conf.5.xml:90 sssd.conf.5.xml:870 sssd.conf.5.xml:1933 +#: sssd-ldap.5.xml:678 sssd-ldap.5.xml:1471 sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1666 sssd-ldap.5.xml:2029 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:503 sssd-krb5.5.xml:257 #: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2063 +#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2050 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" @@ -301,7 +301,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1382 +#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1342 msgid "Default: 10" msgstr "" @@ -316,7 +316,7 @@ msgid "The [sssd] section" msgstr "De [sssd] sectie" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:2017 msgid "Section parameters" msgstr "Sectie parameters" @@ -356,12 +356,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:161 sssd.conf.5.xml:345 +#: sssd.conf.5.xml:161 sssd.conf.5.xml:370 msgid "reconnection_retries (integer)" msgstr "reconnection_retries (numeriek)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:164 sssd.conf.5.xml:348 +#: sssd.conf.5.xml:164 sssd.conf.5.xml:373 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" @@ -370,7 +370,7 @@ msgstr "" "Data Aanbieder crashed of opnieuw start voordat dit opgegeven wordt" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:353 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:378 msgid "Default: 3" msgstr "Standaard: 3" @@ -390,7 +390,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 sssd.conf.5.xml:1658 +#: sssd.conf.5.xml:189 sssd.conf.5.xml:1719 msgid "re_expression (string)" msgstr "re_expression (tekst)" @@ -410,12 +410,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:206 sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:206 sssd.conf.5.xml:1770 msgid "full_name_format (string)" msgstr "full_name_format (tekst)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:209 sssd.conf.5.xml:1773 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -423,39 +423,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:220 sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:220 sssd.conf.5.xml:1784 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:221 sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:221 sssd.conf.5.xml:1785 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:224 sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:224 sssd.conf.5.xml:1788 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:227 sssd.conf.5.xml:1730 +#: sssd.conf.5.xml:227 sssd.conf.5.xml:1791 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:233 sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:233 sssd.conf.5.xml:1797 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:236 sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:236 sssd.conf.5.xml:1800 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:217 sssd.conf.5.xml:1781 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -567,12 +567,44 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:319 sssd-ldap.5.xml:662 sssd-ldap.5.xml:1470 -#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1564 sssd-krb5.5.xml:401 -#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214 +#: sssd.conf.5.xml:319 sssd-ldap.5.xml:649 sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1442 sssd-ldap.5.xml:1524 sssd-ad.5.xml:532 +#: sssd-ad.5.xml:597 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203 +#: include/ldap_id_mapping.xml:214 msgid "Default: not set" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:324 +#, fuzzy +#| msgid "re_expression (string)" +msgid "override_space (string)" +msgstr "re_expression (tekst)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:327 +msgid "" +"This parameter will replace spaces (space bar) with the given character for " +"user and group names. e.g. (_). User name "john doe" will be " +""john_doe" This feature was added to help compatibility with shell " +"scripts that have difficulty handling spaces, due to the default field " +"separator in the shell." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:336 +msgid "" +"Please note it is a configuration error to use a replacement character that " +"might be used in user or group names. If a name contains the replacement " +"character SSSD tries to return the unmodified name but in general the result " +"of a lookup is undefined." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:344 +msgid "Default: not set (spaces will not be replaced)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:126 msgid "" @@ -585,12 +617,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:355 msgid "SERVICES SECTIONS" msgstr "SERVICES SECTIE" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:332 +#: sssd.conf.5.xml:357 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -599,22 +631,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:364 msgid "General service configuration options" msgstr "Algemene service configuratie-opties" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:341 +#: sssd.conf.5.xml:366 msgid "These options can be used to configure any service." msgstr "Deze opties kunnen gebruikt worden om services te configureren." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:383 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:361 +#: sssd.conf.5.xml:386 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -624,17 +656,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:370 +#: sssd.conf.5.xml:395 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:375 +#: sssd.conf.5.xml:400 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:378 +#: sssd.conf.5.xml:403 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -642,19 +674,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:385 sssd.conf.5.xml:401 sssd.conf.5.xml:415 -#: sssd.conf.5.xml:632 sssd.conf.5.xml:792 sssd.conf.5.xml:1068 -#: sssd-ldap.5.xml:1212 +#: sssd.conf.5.xml:410 sssd.conf.5.xml:426 sssd.conf.5.xml:458 +#: sssd.conf.5.xml:675 sssd.conf.5.xml:835 sssd.conf.5.xml:1111 +#: sssd-ldap.5.xml:1172 msgid "Default: 60" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:415 sssd.conf.5.xml:1100 msgid "force_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:393 sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1103 msgid "" "If a service is not responding to ping checks (see the <quote>timeout</" "quote> option), it is first sent the SIGTERM signal that instructs it to " @@ -664,25 +696,50 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 +#: sssd.conf.5.xml:431 msgid "offline_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:409 +#: sssd.conf.5.xml:434 +msgid "" +"When SSSD switches to offline mode the amount of time before it tries to go " +"back online will increase based upon the time spent disconnected. This " +"value is in seconds and calculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:441 +msgid "offline_timeout + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:444 +msgid "" +"The random offset can increment up to 30 seconds. After each unsuccessful " +"attempt to go online, the new interval is recalculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:449 +msgid "new_interval = old_interval*2 + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:452 msgid "" -"If SSSD is in offline mode, and last attempt to go online was less than " -"number of seconds specified in this option ago, new requests for data will " -"not result in attempt to go online." +"Note that the maximum length of each interval is currently limited to one " +"hour. If the calculated length of new_interval is greater than an hour, it " +"will be forced to one hour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:467 msgid "NSS configuration options" msgstr "NSS configuratie-opties" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:426 +#: sssd.conf.5.xml:469 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" @@ -690,12 +747,12 @@ msgstr "" "configurere." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:431 +#: sssd.conf.5.xml:474 msgid "enum_cache_timeout (integer)" msgstr "enum_cache_timeout (numeriek)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:434 +#: sssd.conf.5.xml:477 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" @@ -704,17 +761,17 @@ msgstr "" "over alle gebruikers)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:481 msgid "Default: 120" msgstr "Standaard: 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:443 +#: sssd.conf.5.xml:486 msgid "entry_cache_nowait_percentage (integer)" msgstr "entry_cache_nowait_percentage (numeriek)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:446 +#: sssd.conf.5.xml:489 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -722,7 +779,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:452 +#: sssd.conf.5.xml:495 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -732,7 +789,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:462 +#: sssd.conf.5.xml:505 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -741,17 +798,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:470 +#: sssd.conf.5.xml:513 msgid "Default: 50" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:518 msgid "entry_negative_timeout (integer)" msgstr "entry_negative_timeout (numeriek)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:478 +#: sssd.conf.5.xml:521 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -759,17 +816,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:484 sssd.conf.5.xml:851 +#: sssd.conf.5.xml:527 sssd.conf.5.xml:894 msgid "Default: 15" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:489 +#: sssd.conf.5.xml:532 msgid "filter_users, filter_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:492 +#: sssd.conf.5.xml:535 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set per-" @@ -778,41 +835,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:499 +#: sssd.conf.5.xml:542 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:504 +#: sssd.conf.5.xml:547 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:507 +#: sssd.conf.5.xml:550 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:561 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:521 +#: sssd.conf.5.xml:564 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:569 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:532 +#: sssd.conf.5.xml:575 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -820,22 +877,22 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:530 include/override_homedir.xml:51 +#: sssd.conf.5.xml:573 include/override_homedir.xml:51 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:579 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:542 +#: sssd.conf.5.xml:585 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:545 +#: sssd.conf.5.xml:588 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -843,186 +900,186 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 +#: sssd.conf.5.xml:594 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:557 +#: sssd.conf.5.xml:600 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:560 +#: sssd.conf.5.xml:603 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:563 +#: sssd.conf.5.xml:606 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:567 +#: sssd.conf.5.xml:610 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:572 +#: sssd.conf.5.xml:615 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:577 +#: sssd.conf.5.xml:620 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:580 +#: sssd.conf.5.xml:623 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:627 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:589 +#: sssd.conf.5.xml:632 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:592 +#: sssd.conf.5.xml:635 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:597 +#: sssd.conf.5.xml:640 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:643 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:604 +#: sssd.conf.5.xml:647 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:652 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:655 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:618 +#: sssd.conf.5.xml:661 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:625 sssd.conf.5.xml:785 +#: sssd.conf.5.xml:668 sssd.conf.5.xml:828 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 sssd.conf.5.xml:788 +#: sssd.conf.5.xml:671 sssd.conf.5.xml:831 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:637 +#: sssd.conf.5.xml:680 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:640 +#: sssd.conf.5.xml:683 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 sssd-ldap.5.xml:702 +#: sssd.conf.5.xml:687 sssd-ldap.5.xml:692 msgid "Default: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:651 +#: sssd.conf.5.xml:694 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:653 +#: sssd.conf.5.xml:696 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:701 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:704 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 sssd.conf.5.xml:679 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:722 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:672 +#: sssd.conf.5.xml:715 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:675 +#: sssd.conf.5.xml:718 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:685 +#: sssd.conf.5.xml:728 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:688 +#: sssd.conf.5.xml:731 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:693 +#: sssd.conf.5.xml:736 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1030,59 +1087,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 sssd.conf.5.xml:752 +#: sssd.conf.5.xml:742 sssd.conf.5.xml:795 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:705 +#: sssd.conf.5.xml:748 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:751 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:713 +#: sssd.conf.5.xml:756 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:716 +#: sssd.conf.5.xml:759 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:719 +#: sssd.conf.5.xml:762 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:723 +#: sssd.conf.5.xml:766 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:769 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:730 sssd.8.xml:63 +#: sssd.conf.5.xml:773 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:735 +#: sssd.conf.5.xml:778 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:738 +#: sssd.conf.5.xml:781 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1090,7 +1147,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:744 +#: sssd.conf.5.xml:787 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1099,17 +1156,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:758 +#: sssd.conf.5.xml:801 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:761 sssd.conf.5.xml:1235 +#: sssd.conf.5.xml:804 sssd.conf.5.xml:1292 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:807 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1117,31 +1174,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 sssd.conf.5.xml:1238 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1295 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:818 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 sssd.8.xml:79 +#: sssd.conf.5.xml:823 sssd.8.xml:79 msgid "Default: 0" msgstr "Standaard: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:800 +#: sssd.conf.5.xml:843 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:845 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1152,34 +1209,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:862 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:822 +#: sssd.conf.5.xml:865 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:878 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:880 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:884 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:887 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1187,51 +1244,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:903 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:862 +#: sssd.conf.5.xml:905 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:866 +#: sssd.conf.5.xml:909 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:869 +#: sssd.conf.5.xml:912 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:921 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:881 +#: sssd.conf.5.xml:924 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:928 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:893 +#: sssd.conf.5.xml:936 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:938 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1243,7 +1300,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:904 +#: sssd.conf.5.xml:947 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1254,24 +1311,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:955 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:961 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:922 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:965 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:968 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1279,12 +1336,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:974 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:978 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1293,24 +1350,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:949 +#: sssd.conf.5.xml:992 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:999 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:1002 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 +#: sssd.conf.5.xml:1007 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1319,47 +1376,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1014 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:1018 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:981 +#: sssd.conf.5.xml:1024 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:984 +#: sssd.conf.5.xml:1027 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:988 +#: sssd.conf.5.xml:1031 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 +#: sssd.conf.5.xml:1034 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 sssd.conf.5.xml:1212 sssd.conf.5.xml:1321 -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1037 sssd.conf.5.xml:1269 sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1395 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1040 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1371,14 +1428,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1053 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1015 +#: sssd.conf.5.xml:1058 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1387,39 +1444,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1023 +#: sssd.conf.5.xml:1066 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1074 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1081 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1082 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1085 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1086 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1077 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -1428,24 +1485,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd-ldap.5.xml:1765 +#: sssd.conf.5.xml:1094 sssd-ldap.5.xml:1725 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1117 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1077 +#: sssd.conf.5.xml:1120 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1124 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -1456,137 +1513,152 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1094 +#: sssd.conf.5.xml:1137 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1100 +#: sssd.conf.5.xml:1143 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1103 +#: sssd.conf.5.xml:1146 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 sssd.conf.5.xml:1120 sssd.conf.5.xml:1133 -#: sssd.conf.5.xml:1146 sssd.conf.5.xml:1159 sssd.conf.5.xml:1173 +#: sssd.conf.5.xml:1150 sssd.conf.5.xml:1163 sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1202 sssd.conf.5.xml:1216 +#: sssd.conf.5.xml:1230 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1156 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1116 +#: sssd.conf.5.xml:1159 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1169 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1172 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1182 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1142 +#: sssd.conf.5.xml:1185 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1195 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1198 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1208 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1211 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1222 +#, fuzzy +#| msgid "enum_cache_timeout (integer)" +msgid "entry_cache_ssh_host_timeout (integer)" +msgstr "enum_cache_timeout (numeriek)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1225 +msgid "" +"How many seconds to keep a host ssh key after refresh. IE how long to cache " +"the host key for." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1236 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1239 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1187 +#: sssd.conf.5.xml:1244 msgid "Currently only refreshing expired netgroups is supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1248 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1195 sssd-ipa.5.xml:221 +#: sssd.conf.5.xml:1252 sssd-ipa.5.xml:221 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1201 +#: sssd.conf.5.xml:1258 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1261 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1208 +#: sssd.conf.5.xml:1265 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1217 +#: sssd.conf.5.xml:1274 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1220 +#: sssd.conf.5.xml:1277 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1595,17 +1667,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1284 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1232 +#: sssd.conf.5.xml:1289 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1243 +#: sssd.conf.5.xml:1300 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1614,33 +1686,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1307 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1256 +#: sssd.conf.5.xml:1313 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1259 +#: sssd.conf.5.xml:1316 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1320 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:1441 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 +#: sssd.conf.5.xml:1327 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1648,8 +1720,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 sssd.conf.5.xml:1364 sssd.conf.5.xml:1415 -#: sssd.conf.5.xml:1468 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1421 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1529 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1658,8 +1730,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1373 sssd.conf.5.xml:1424 -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1344 sssd.conf.5.xml:1430 sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1538 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1667,19 +1739,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1355 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1301 +#: sssd.conf.5.xml:1358 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1363 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1688,7 +1760,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1371 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -1696,17 +1768,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1326 +#: sssd.conf.5.xml:1383 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1329 +#: sssd.conf.5.xml:1386 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1332 +#: sssd.conf.5.xml:1389 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -1714,19 +1786,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1343 +#: sssd.conf.5.xml:1400 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1346 +#: sssd.conf.5.xml:1403 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1469 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1734,7 +1806,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1414 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1742,30 +1814,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1438 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1445 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1387 +#: sssd.conf.5.xml:1448 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1393 +#: sssd.conf.5.xml:1454 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1396 +#: sssd.conf.5.xml:1457 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1773,19 +1845,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1463 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1466 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1493 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1794,24 +1866,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1439 +#: sssd.conf.5.xml:1500 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1444 +#: sssd.conf.5.xml:1505 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1508 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1452 +#: sssd.conf.5.xml:1513 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1819,7 +1891,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1521 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1827,35 +1899,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1546 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1550 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1553 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1560 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1563 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1506 +#: sssd.conf.5.xml:1567 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1863,32 +1935,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1514 +#: sssd.conf.5.xml:1575 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1579 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1522 +#: sssd.conf.5.xml:1583 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1525 sssd.conf.5.xml:1594 sssd.conf.5.xml:1626 -#: sssd.conf.5.xml:1651 +#: sssd.conf.5.xml:1586 sssd.conf.5.xml:1655 sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1712 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1590 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -1899,12 +1971,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1607 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1610 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -1912,7 +1984,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1555 +#: sssd.conf.5.xml:1616 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1920,31 +1992,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1624 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1566 +#: sssd.conf.5.xml:1627 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1633 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1636 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1581 +#: sssd.conf.5.xml:1642 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1952,23 +2024,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1651 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 +#: sssd.conf.5.xml:1662 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 +#: sssd.conf.5.xml:1665 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1669 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1976,7 +2048,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1615 +#: sssd.conf.5.xml:1676 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1984,24 +2056,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 +#: sssd.conf.5.xml:1684 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1694 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1697 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1640 +#: sssd.conf.5.xml:1701 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2009,12 +2081,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1709 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 +#: sssd.conf.5.xml:1722 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -2024,7 +2096,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1731 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -2033,29 +2105,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1736 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1739 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1681 +#: sssd.conf.5.xml:1742 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1745 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1750 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -2066,7 +2138,7 @@ msgstr "" "het domein alles daarna\"" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1695 +#: sssd.conf.5.xml:1756 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -2074,7 +2146,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1763 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." @@ -2083,59 +2155,59 @@ msgstr "" "(?P<name>) om subpatronen aan te geven." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1749 +#: sssd.conf.5.xml:1810 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Standaard: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1816 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1819 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1762 +#: sssd.conf.5.xml:1823 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1826 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1829 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1832 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1835 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1838 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1844 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1847 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -2143,62 +2215,97 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1792 sssd-ldap.5.xml:1196 sssd-ldap.5.xml:1238 -#: sssd-ldap.5.xml:1253 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1853 sssd-ldap.5.xml:1156 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1213 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1859 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1801 +#: sssd.conf.5.xml:1862 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1866 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1811 +#: sssd.conf.5.xml:1872 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1875 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1820 -msgid "case_sensitive (boolean)" +#: sssd.conf.5.xml:1881 +#, fuzzy +#| msgid "re_expression (string)" +msgid "case_sensitive (string)" +msgstr "re_expression (tekst)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1889 +msgid "True" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1892 +msgid "Case sensitive. This value is invalid for AD provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1898 +msgid "False" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1900 +msgid "Case insensitive." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1904 +msgid "Preserving" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1907 +msgid "" +"Same as False (case insensitive), but does not lowercase names in the output " +"of getpwnam and getgrnam." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1884 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." +"not supported in the local provider. Possible option values are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1828 sssd-ldap.5.xml:1020 sssd-ad.5.xml:397 -msgid "Default: True" +#: sssd.conf.5.xml:1916 +msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1922 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 +#: sssd.conf.5.xml:1925 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -2207,22 +2314,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1851 +#: sssd.conf.5.xml:1939 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1950 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1951 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1854 +#: sssd.conf.5.xml:1942 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -2232,29 +2339,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1956 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1960 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1877 +#: sssd.conf.5.xml:1965 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1880 +#: sssd.conf.5.xml:1968 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:994 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2262,29 +2369,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1893 +#: sssd.conf.5.xml:1981 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1896 +#: sssd.conf.5.xml:1984 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1899 +#: sssd.conf.5.xml:1987 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1995 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1998 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2292,19 +2399,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1977 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1922 +#: sssd.conf.5.xml:2010 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:2012 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2312,73 +2419,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1931 +#: sssd.conf.5.xml:2019 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:2022 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1938 +#: sssd.conf.5.xml:2026 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1943 +#: sssd.conf.5.xml:2031 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2034 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:2039 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1956 +#: sssd.conf.5.xml:2044 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2047 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1963 sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2051 sssd.conf.5.xml:2063 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1968 +#: sssd.conf.5.xml:2056 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:2059 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1980 +#: sssd.conf.5.xml:2068 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1983 +#: sssd.conf.5.xml:2071 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2386,17 +2493,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:2079 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:2084 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1999 +#: sssd.conf.5.xml:2087 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2405,17 +2512,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2009 +#: sssd.conf.5.xml:2097 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2102 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2105 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2423,17 +2530,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2112 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2117 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2032 +#: sssd.conf.5.xml:2120 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2441,18 +2548,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2126 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2048 sssd-ldap.5.xml:2489 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:552 sssd-ad.5.xml:447 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:2136 sssd-ldap.5.xml:2476 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:552 sssd-ad.5.xml:792 sssd-krb5.5.xml:519 +#: sss_rpcidmapd.5.xml:98 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2142 #, no-wrap msgid "" "[sssd]\n" @@ -2482,7 +2590,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2050 +#: sssd.conf.5.xml:2138 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2628,7 +2736,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:645 sssd-ad.5.xml:212 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:632 sssd-ad.5.xml:212 msgid "Examples:" msgstr "" @@ -2828,7 +2936,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:830 msgid "Default: gidNumber" msgstr "" @@ -2879,60 +2987,45 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:341 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:344 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:866 sssd-ldap.5.xml:1103 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:354 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:344 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:880 +#: sssd-ldap.5.xml:349 sssd-ldap.5.xml:857 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:369 +#: sssd-ldap.5.xml:356 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:890 sssd-ldap.5.xml:1112 +#: sssd-ldap.5.xml:359 sssd-ldap.5.xml:867 sssd-ldap.5.xml:1072 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:894 sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:363 sssd-ldap.5.xml:871 sssd-ldap.5.xml:1079 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:382 +#: sssd-ldap.5.xml:369 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:385 +#: sssd-ldap.5.xml:372 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2941,17 +3034,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:382 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:401 +#: sssd-ldap.5.xml:388 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:391 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2960,17 +3053,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:413 +#: sssd-ldap.5.xml:400 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:419 +#: sssd-ldap.5.xml:406 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:422 +#: sssd-ldap.5.xml:409 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2979,17 +3072,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 +#: sssd-ldap.5.xml:418 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 +#: sssd-ldap.5.xml:424 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 +#: sssd-ldap.5.xml:427 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2998,17 +3091,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 +#: sssd-ldap.5.xml:437 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 +#: sssd-ldap.5.xml:443 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 +#: sssd-ldap.5.xml:446 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3017,17 +3110,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:469 +#: sssd-ldap.5.xml:456 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:475 +#: sssd-ldap.5.xml:462 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:478 +#: sssd-ldap.5.xml:465 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -3036,17 +3129,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:488 +#: sssd-ldap.5.xml:475 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:494 +#: sssd-ldap.5.xml:481 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:497 +#: sssd-ldap.5.xml:484 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -3054,155 +3147,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 +#: sssd-ldap.5.xml:490 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:509 +#: sssd-ldap.5.xml:496 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:512 +#: sssd-ldap.5.xml:499 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:518 +#: sssd-ldap.5.xml:505 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:524 +#: sssd-ldap.5.xml:511 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:519 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:538 +#: sssd-ldap.5.xml:525 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:528 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:546 +#: sssd-ldap.5.xml:533 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:552 +#: sssd-ldap.5.xml:539 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:542 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:547 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:553 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:556 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:573 sssd-ldap.5.xml:587 +#: sssd-ldap.5.xml:560 sssd-ldap.5.xml:574 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:579 +#: sssd-ldap.5.xml:566 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:582 +#: sssd-ldap.5.xml:569 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:593 +#: sssd-ldap.5.xml:580 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:583 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:601 +#: sssd-ldap.5.xml:588 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:607 +#: sssd-ldap.5.xml:594 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:597 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:614 +#: sssd-ldap.5.xml:601 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:620 +#: sssd-ldap.5.xml:607 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:623 +#: sssd-ldap.5.xml:610 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:628 +#: sssd-ldap.5.xml:615 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -3212,7 +3305,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:625 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -3220,46 +3313,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 +#: sssd-ldap.5.xml:635 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:638 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:642 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:645 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:655 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:671 +#: sssd-ldap.5.xml:658 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:662 +#, fuzzy +#| msgid "Default: true" +msgid "Default: sshPublicKey" +msgstr "Standaard: true" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:668 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:671 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -3268,24 +3368,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:694 +#: sssd-ldap.5.xml:684 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 +#: sssd-ldap.5.xml:687 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:698 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 +#: sssd-ldap.5.xml:701 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -3293,53 +3393,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:707 msgid "Setting this option to zero will disable the cache cleanup operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:721 -msgid "Default: 10800 (12 hours)" -msgstr "" +#: sssd-ldap.5.xml:711 +#, fuzzy +#| msgid "Default: 120" +msgid "Default: 10800 (3 hours)" +msgstr "Standaard: 120" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:727 +#: sssd-ldap.5.xml:717 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:730 +#: sssd-ldap.5.xml:720 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 sssd-ldap.5.xml:827 sssd-ldap.5.xml:1053 -#: sssd-ldap.5.xml:1144 sssd-ldap.5.xml:2084 sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:724 sssd-ldap.5.xml:817 sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1104 sssd-ldap.5.xml:2071 sssd-ldap.5.xml:2410 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:730 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:743 +#: sssd-ldap.5.xml:733 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:737 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:753 +#: sssd-ldap.5.xml:743 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:756 +#: sssd-ldap.5.xml:746 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -3347,14 +3449,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:763 +#: sssd-ldap.5.xml:753 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:758 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -3362,17 +3464,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:765 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:771 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:784 +#: sssd-ldap.5.xml:774 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -3380,14 +3482,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:790 +#: sssd-ldap.5.xml:780 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:785 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -3395,101 +3497,91 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:802 +#: sssd-ldap.5.xml:792 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:798 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 +#: sssd-ldap.5.xml:801 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:804 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:810 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:823 +#: sssd-ldap.5.xml:813 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:823 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:826 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:846 +#: sssd-ldap.5.xml:836 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:849 +#: sssd-ldap.5.xml:839 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:843 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:872 +#: sssd-ldap.5.xml:849 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:875 +#: sssd-ldap.5.xml:852 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:864 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:877 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:880 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:885 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -3497,17 +3589,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:914 +#: sssd-ldap.5.xml:891 msgid "Default: groupType in the AD provider, othewise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:921 +#: sssd-ldap.5.xml:898 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:924 +#: sssd-ldap.5.xml:901 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -3515,7 +3607,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:908 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -3525,7 +3617,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:940 +#: sssd-ldap.5.xml:917 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later it " @@ -3534,17 +3626,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:947 +#: sssd-ldap.5.xml:924 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:930 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:933 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3552,14 +3644,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:939 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 sssd-ldap.5.xml:994 +#: sssd-ldap.5.xml:944 sssd-ldap.5.xml:971 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3567,7 +3659,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:950 sssd-ldap.5.xml:977 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -3576,18 +3668,18 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 sssd-ldap.5.xml:1006 sssd-ldap.5.xml:1311 -#: sssd-ldap.5.xml:1332 sssd-ldap.5.xml:1838 include/ldap_id_mapping.xml:242 +#: sssd-ldap.5.xml:956 sssd-ldap.5.xml:983 sssd-ldap.5.xml:1271 +#: sssd-ldap.5.xml:1292 sssd-ldap.5.xml:1798 include/ldap_id_mapping.xml:242 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:985 +#: sssd-ldap.5.xml:962 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:988 +#: sssd-ldap.5.xml:965 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3595,184 +3687,173 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:989 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1015 +#: sssd-ldap.5.xml:992 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:997 sssd-ad.5.xml:742 sss_rpcidmapd.5.xml:76 +msgid "Default: True" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1003 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1006 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1009 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1013 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1019 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1045 +#: sssd-ldap.5.xml:1022 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1049 +#: sssd-ldap.5.xml:1026 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1059 +#: sssd-ldap.5.xml:1036 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1039 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 +#: sssd-ldap.5.xml:1043 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1047 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1053 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1056 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1116 +#: sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1076 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1086 +#: sssd-ldap.5.xml:1063 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1092 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1095 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1099 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1109 +#: sssd-ldap.5.xml:1069 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1088 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1091 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1097 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1100 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1110 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1113 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1117 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1123 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1166 +#: sssd-ldap.5.xml:1126 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1130 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1176 +#: sssd-ldap.5.xml:1136 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1141 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -3780,7 +3861,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1190 +#: sssd-ldap.5.xml:1150 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -3788,12 +3869,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1162 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1205 +#: sssd-ldap.5.xml:1165 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -3801,12 +3882,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1178 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1181 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -3817,12 +3898,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1204 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:1207 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -3830,12 +3911,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1219 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1262 +#: sssd-ldap.5.xml:1222 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -3844,34 +3925,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:1230 sssd-ldap.5.xml:2228 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1236 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1239 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1244 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1250 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1293 +#: sssd-ldap.5.xml:1253 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -3879,14 +3960,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1259 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1265 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -3894,17 +3975,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1277 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1280 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1323 +#: sssd-ldap.5.xml:1283 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -3914,12 +3995,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1298 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1301 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -3927,17 +4008,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1307 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1314 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1317 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -3945,13 +4026,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1323 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1327 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -3960,7 +4041,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1335 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -3968,26 +4049,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1348 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 +#: sssd-ldap.5.xml:1351 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1397 +#: sssd-ldap.5.xml:1357 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1361 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3995,7 +4076,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1368 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -4003,7 +4084,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1374 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -4011,41 +4092,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1380 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1424 +#: sssd-ldap.5.xml:1384 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1390 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1393 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1438 sssd-ldap.5.xml:1456 sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1398 sssd-ldap.5.xml:1416 sssd-ldap.5.xml:1457 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1445 +#: sssd-ldap.5.xml:1405 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1408 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -4054,32 +4135,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1463 +#: sssd-ldap.5.xml:1423 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1466 +#: sssd-ldap.5.xml:1426 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1436 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1439 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1448 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1451 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -4087,24 +4168,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1504 +#: sssd-ldap.5.xml:1464 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1477 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1480 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -4112,17 +4193,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1486 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1496 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1499 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -4133,29 +4214,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1511 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1517 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1530 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1533 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -4164,17 +4245,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1541 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1547 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1590 +#: sssd-ldap.5.xml:1550 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -4182,49 +4263,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1556 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1562 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1565 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1570 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1576 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1619 +#: sssd-ldap.5.xml:1579 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1622 +#: sssd-ldap.5.xml:1582 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1628 +#: sssd-ldap.5.xml:1588 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1631 +#: sssd-ldap.5.xml:1591 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -4232,27 +4313,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1643 +#: sssd-ldap.5.xml:1603 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1606 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 sssd-ad.5.xml:383 +#: sssd-ldap.5.xml:1610 sssd-ad.5.xml:728 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 +#: sssd-ldap.5.xml:1619 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4264,7 +4345,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1671 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1631 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4272,7 +4353,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1636 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4280,39 +4361,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1645 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1688 +#: sssd-ldap.5.xml:1648 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1651 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1697 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1657 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1660 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1712 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1672 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1715 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1675 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4322,7 +4403,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1726 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1686 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4330,26 +4411,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1740 +#: sssd-ldap.5.xml:1700 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1703 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1708 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1753 +#: sssd-ldap.5.xml:1713 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4357,7 +4438,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1759 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4365,31 +4446,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1768 +#: sssd-ldap.5.xml:1728 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1736 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1739 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1743 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1788 +#: sssd-ldap.5.xml:1748 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4398,56 +4479,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1762 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 +#: sssd-ldap.5.xml:1765 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1809 +#: sssd-ldap.5.xml:1769 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1775 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1778 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1823 +#: sssd-ldap.5.xml:1783 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1789 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1792 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1804 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1847 +#: sssd-ldap.5.xml:1807 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4463,12 +4544,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1867 +#: sssd-ldap.5.xml:1827 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1870 +#: sssd-ldap.5.xml:1830 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4477,14 +4558,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1874 +#: sssd-ldap.5.xml:1834 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1839 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4493,24 +4574,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1887 sssd-ldap.5.xml:1944 +#: sssd-ldap.5.xml:1847 sssd-ldap.5.xml:1904 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1853 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1856 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:1860 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4518,19 +4599,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1907 +#: sssd-ldap.5.xml:1867 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1910 +#: sssd-ldap.5.xml:1870 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1875 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4539,7 +4620,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1922 +#: sssd-ldap.5.xml:1882 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4547,7 +4628,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1928 +#: sssd-ldap.5.xml:1888 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4556,7 +4637,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1897 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -4564,108 +4645,140 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1910 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1953 +#: sssd-ldap.5.xml:1913 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1917 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:1920 +msgid "" +"<emphasis>lockout</emphasis>: use account locking. If set, this option " +"denies access in case that ldap attribute 'pwdAccountLockedTime' is present " +"and has value of '000001010000Z'. Please see the option ldap_pwdlockout_dn." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1927 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1931 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1969 +#: sssd-ldap.5.xml:1936 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:1940 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1943 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1983 +#: sssd-ldap.5.xml:1950 +msgid "ldap_pwdlockout_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1953 +msgid "" +"This option specifies the DN of password policy entry on LDAP server. Please " +"note that absence of this option in sssd.conf in case of enabled account " +"lockout checking will yield access denied as ppolicy attributes on LDAP " +"server cannot be checked properly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1961 +msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1964 +msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1970 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:1973 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:1978 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:1982 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:1987 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2005 +#: sssd-ldap.5.xml:1992 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2010 +#: sssd-ldap.5.xml:1997 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2018 +#: sssd-ldap.5.xml:2005 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2008 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2012 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -4676,7 +4789,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2036 +#: sssd-ldap.5.xml:2023 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -4694,12 +4807,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2052 +#: sssd-ldap.5.xml:2039 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2054 +#: sssd-ldap.5.xml:2041 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -4707,208 +4820,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2052 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2055 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2071 +#: sssd-ldap.5.xml:2058 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2064 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2067 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2090 +#: sssd-ldap.5.xml:2077 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2080 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2097 +#: sssd-ldap.5.xml:2084 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2103 +#: sssd-ldap.5.xml:2090 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2093 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2111 +#: sssd-ldap.5.xml:2098 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2117 +#: sssd-ldap.5.xml:2104 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2120 +#: sssd-ldap.5.xml:2107 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2111 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2130 +#: sssd-ldap.5.xml:2117 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2133 +#: sssd-ldap.5.xml:2120 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2137 +#: sssd-ldap.5.xml:2124 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2143 +#: sssd-ldap.5.xml:2130 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2146 +#: sssd-ldap.5.xml:2133 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2150 +#: sssd-ldap.5.xml:2137 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2143 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2146 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2150 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2156 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2159 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2176 +#: sssd-ldap.5.xml:2163 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2182 +#: sssd-ldap.5.xml:2169 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2172 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2177 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2183 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2199 +#: sssd-ldap.5.xml:2186 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2203 +#: sssd-ldap.5.xml:2190 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:2196 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2199 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2204 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2209 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2215 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2218 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4916,101 +5029,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2237 +#: sssd-ldap.5.xml:2224 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2234 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2237 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2248 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2264 +#: sssd-ldap.5.xml:2251 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2256 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2315 -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2261 sssd-ldap.5.xml:2284 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2320 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2279 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2266 sssd-ldap.5.xml:2289 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2272 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2288 +#: sssd-ldap.5.xml:2275 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2293 +#: sssd-ldap.5.xml:2280 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2295 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2311 +#: sssd-ldap.5.xml:2298 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2326 +#: sssd-ldap.5.xml:2313 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2316 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2345 +#: sssd-ldap.5.xml:2332 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -5019,91 +5132,91 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2342 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2344 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2350 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2366 +#: sssd-ldap.5.xml:2353 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2369 +#: sssd-ldap.5.xml:2356 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2376 +#: sssd-ldap.5.xml:2363 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2379 sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2392 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2369 sssd-ldap.5.xml:2396 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2376 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2379 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2382 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2402 +#: sssd-ldap.5.xml:2389 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2416 +#: sssd-ldap.5.xml:2403 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2419 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:2406 sssd-ldap.5.xml:2420 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2430 +#: sssd-ldap.5.xml:2417 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2437 +#: sssd-ldap.5.xml:2424 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2348 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -5112,37 +5225,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2434 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2441 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2459 +#: sssd-ldap.5.xml:2446 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2451 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2469 +#: sssd-ldap.5.xml:2456 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2461 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2449 +#: sssd-ldap.5.xml:2436 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -5150,7 +5263,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2491 +#: sssd-ldap.5.xml:2478 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -5158,7 +5271,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2484 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -5171,20 +5284,20 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2496 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 -#: sssd-ad.5.xml:455 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2483 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 +#: sssd-ad.5.xml:800 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2509 sssd_krb5_locator_plugin.8.xml:61 -#: sssd-simple.5.xml:148 sssd-ad.5.xml:470 sssd.8.xml:191 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2496 sssd_krb5_locator_plugin.8.xml:61 +#: sssd-simple.5.xml:148 sssd-ad.5.xml:815 sssd.8.xml:195 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2498 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5666,7 +5779,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:320 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:665 msgid "dyndns_update (boolean)" msgstr "" @@ -5681,7 +5794,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:334 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:679 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -5696,12 +5809,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:345 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:690 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:348 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:693 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -5722,12 +5835,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:359 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:704 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:362 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:707 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -5769,12 +5882,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:373 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:718 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:376 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:721 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -5782,12 +5895,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:389 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:734 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:392 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:737 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -5806,19 +5919,19 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:403 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:748 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:406 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:751 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:410 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:755 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -5912,7 +6025,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:359 sssd-ad.5.xml:776 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -5999,7 +6112,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 sssd-ad.5.xml:330 msgid "Default: 5 (seconds)" msgstr "" @@ -6453,9 +6566,380 @@ msgstr "" msgid "Default: permissive" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:320 +#, fuzzy +#| msgid "enum_cache_timeout (integer)" +msgid "ad_gpo_cache_timeout (integer)" +msgstr "enum_cache_timeout (numeriek)" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:323 msgid "" +"The amount of time between lookups of GPO policy files against the AD " +"server. This will reduce the latency and load on the AD server if there are " +"many access-control requests made in a short period." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:336 +msgid "ad_gpo_map_interactive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:339 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the InteractiveLogonRight and " +"DenyInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:354 +#, no-wrap +msgid "" +" ad_gpo_map_interactive = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:345 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>login</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:358 sssd-ad.5.xml:423 sssd-ad.5.xml:458 sssd-ad.5.xml:498 +#: sssd-ad.5.xml:559 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:362 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:367 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:372 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:377 +msgid "gdm-fingerprint" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:382 +msgid "gdm-password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:387 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:392 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:401 +msgid "ad_gpo_map_remote_interactive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:404 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the RemoteInteractiveLogonRight and " +"DenyRemoteInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:419 +#, no-wrap +msgid "" +" ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:410 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>sshd</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:427 +msgid "sshd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:436 +msgid "ad_gpo_map_network (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:439 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the NetworkLogonRight and " +"DenyNetworkLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:454 +#, no-wrap +msgid "" +" ad_gpo_map_network = +my_pam_service, -ftp\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>ftp</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:462 +msgid "ftp" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:467 +msgid "samba" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:476 +#, fuzzy +#| msgid "full_name_format (string)" +msgid "ad_gpo_map_batch (string)" +msgstr "full_name_format (tekst)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:479 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " +"policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:494 +#, no-wrap +msgid "" +" ad_gpo_map_batch = +my_pam_service, -crond\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:485 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>crond</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:502 +msgid "crond" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:511 +msgid "ad_gpo_map_service (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:514 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the ServiceLogonRight and " +"DenyServiceLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:528 +#, no-wrap +msgid "" +" ad_gpo_map_service = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:520 sssd-ad.5.xml:585 +msgid "" +"It is possible to add a PAM service name to the default set by using <quote>" +"+service_name</quote>. Since the default set is empty, it is not possible " +"to remove a PAM service name from the default set. For example, in order to " +"add a custom pam service name (e.g. <quote>my_pam_service</quote>), you " +"would use the following configuration: <placeholder type=\"programlisting\" " +"id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:538 +msgid "ad_gpo_map_permit (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:541 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always granted, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:555 +#, no-wrap +msgid "" +" ad_gpo_map_permit = +my_pam_service, -sudo\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:546 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for unconditionally permitted " +"access (e.g. <quote>sudo</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:563 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:568 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:577 +msgid "ad_gpo_map_deny (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:580 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always denied, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:593 +#, no-wrap +msgid "" +" ad_gpo_map_deny = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:603 +msgid "ad_gpo_default_right (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:606 +msgid "" +"This option defines how access control is evaluated for PAM service names " +"that are not explicitly listed in one of the ad_gpo_map_* options. This " +"option can be set in two different manners. First, this option can be set to " +"use a default logon right. For example, if this option is set to " +"'interactive', it means that unmapped PAM service names will be processed " +"based on the InteractiveLogonRight and DenyInteractiveLogonRight policy " +"settings. Alternatively, this option can be set to either always permit or " +"always deny access for unmapped PAM service names." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:619 +msgid "Supported values for this option include:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:623 +msgid "interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:628 +msgid "remote_interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:633 +msgid "network" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:638 +msgid "batch" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:643 +#, fuzzy +#| msgid "services" +msgid "service" +msgstr "diensten" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:648 +msgid "permit" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:653 +msgid "deny" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:659 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: deny" +msgstr "Standaard: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:668 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -6465,29 +6949,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:353 +#: sssd-ad.5.xml:698 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:712 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:419 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:764 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:422 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:767 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:449 +#: sssd-ad.5.xml:794 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6495,7 +6979,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:456 +#: sssd-ad.5.xml:801 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -6510,7 +6994,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:476 +#: sssd-ad.5.xml:821 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6519,7 +7003,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:817 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -6527,10 +7011,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:482 +#: sssd-ad.5.xml:827 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " -"configured, the default access provider is <quote>permit</quote>." +"configured, the default access provider is <quote>permit</quote>. Please " +"note that if you configure an access provider other than <quote>ad</quote>, " +"you need to set all the connection parameters (such as LDAP URIs and " +"encryption details) manually." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> @@ -6906,24 +7393,27 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." +"Tells the SSSD to simulate offline operation for the duration of the " +"<quote>offline_timeout</quote> parameter. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 +#: sssd.8.xml:182 msgid "SIGUSR2" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 +#: sssd.8.xml:185 msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." +"Tells the SSSD to go online immediately. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 +#: sssd.8.xml:197 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -8090,13 +8580,49 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:162 +#, fuzzy +#| msgid "" +#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" +#| "replaceable>" msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"<option>-h</option>,<option>--ssh-host</option> <replaceable>hostname</" "replaceable>" msgstr "" +"<option>-a</option>,<option>--append-group</option> <replaceable>GROEPEN</" +"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:167 +msgid "Invalidate SSH public keys of a specific host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:173 +#, fuzzy +#| msgid "" +#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" +#| "replaceable>" +msgid "<option>-H</option>,<option>--ssh-hosts</option>" +msgstr "" +"<option>-a</option>,<option>--append-group</option> <replaceable>GROEPEN</" +"replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:177 +msgid "" +"Invalidate SSH public keys of all hosts. This option overrides invalidation " +"of SSH public keys of specific host if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:185 +msgid "" +"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:190 msgid "Restrict invalidation process only to a particular domain." msgstr "" @@ -8393,6 +8919,149 @@ msgstr "" msgid "Default: not set. Only the default set of POSIX attributes is allowed." msgstr "" +#. type: Content of: <reference><refentry><refentryinfo> +#: sss_rpcidmapd.5.xml:8 +msgid "" +"<productname>sss rpc.idmapd plugin</productname> <author> <firstname>Noam</" +"firstname> <surname>Meltzer</surname> <affiliation> <orgname>Primary Data " +"Inc.</orgname> </affiliation> <contrib>Developer (2013-2014)</contrib> </" +"author> <author> <firstname>Noam</firstname> <surname>Meltzer</surname> " +"<contrib>Developer (2014-)</contrib> <email>tsnoam@gmail.com</email> </" +"author>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_rpcidmapd.5.xml:26 sss_rpcidmapd.5.xml:32 +#, fuzzy +#| msgid "sss_groupmod" +msgid "sss_rpcidmapd" +msgstr "sss_groupmod" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_rpcidmapd.5.xml:33 +msgid "sss plugin configuration directives for rpc.idmapd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:37 +msgid "CONFIGURATION FILE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:39 +msgid "" +"rpc.idmapd configuration file is usually found at <emphasis>/etc/idmapd." +"conf</emphasis>. See <citerefentry> <refentrytitle>idmapd.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more information." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:49 +msgid "SSS CONFIGURATION EXTENSION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:51 +msgid "Enable SSS plugin" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:53 +msgid "" +"In section <quote>[Translation]</quote>, modify/set <quote>Method</quote> " +"attribute to contain <emphasis>sss</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:59 +#, fuzzy +#| msgid "The [sssd] section" +msgid "[sss] config section" +msgstr "De [sssd] sectie" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:61 +msgid "" +"In order to change the default of one of the configuration attributes of the " +"<emphasis>sss</emphasis> plugin listed below you will need to create a " +"config section for it, named <quote>[sss]</quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> +#: sss_rpcidmapd.5.xml:67 +#, fuzzy +#| msgid "NSS configuration options" +msgid "Configuration attributes" +msgstr "NSS configuratie-opties" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sss_rpcidmapd.5.xml:69 +msgid "memcache (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sss_rpcidmapd.5.xml:72 +msgid "Indicates whether or not to use memcache optimisation technique." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:85 +msgid "SSSD INTEGRATION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:87 +msgid "" +"The sss plugin requires the <emphasis>NSS Responder</emphasis> to be enabled " +"in sssd." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:91 +msgid "" +"The attribute <quote>use_fully_qualified_names</quote> must be enabled on " +"all domains (NFSv4 clients expect a fully qualified name to be sent on the " +"wire)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_rpcidmapd.5.xml:103 +#, no-wrap +msgid "" +"[General]\n" +"Verbosity = 2\n" +"# domain must be synced between NFSv4 server and clients\n" +"# Solaris/Illumos/AIX use \"localdomain\" as default!\n" +"Domain = default\n" +"\n" +"[Mapping]\n" +"Nobody-User = nfsnobody\n" +"Nobody-Group = nfsnobody\n" +"\n" +"[Translation]\n" +"Method = sss\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:100 +msgid "" +"The following example shows a minimal idmapd.conf which makes use of the sss " +"plugin. <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <refsect1><title> +#: sss_rpcidmapd.5.xml:120 include/seealso.xml:2 +msgid "SEE ALSO" +msgstr "ZIE OOK" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:122 +msgid "" +"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>idmapd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>" +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 msgid "sss_ssh_authorizedkeys" @@ -9223,11 +9892,6 @@ msgid "" "local LDB storage to store users and groups." msgstr "" -#. type: Content of: <refsect1><title> -#: include/seealso.xml:2 -msgid "SEE ALSO" -msgstr "ZIE OOK" - #. type: Content of: <refsect1><para> #: include/seealso.xml:4 msgid "" @@ -9268,7 +9932,9 @@ msgid "" "manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> " "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>. <citerefentry> " +"<refentrytitle>sss_rpcidmapd</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>" msgstr "" #. type: Content of: <listitem><para> diff --git a/src/man/po/pt.po b/src/man/po/pt.po index 9aaf3a21a..712be3c4a 100644 --- a/src/man/po/pt.po +++ b/src/man/po/pt.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2014-07-09 19:18+0300\n" +"POT-Creation-Date: 2014-09-08 20:55+0300\n" "PO-Revision-Date: 2014-06-04 18:04+0000\n" "Last-Translator: jhrozek <jhrozek@redhat.com>\n" "Language-Team: Portuguese (http://www.transifex.com/projects/p/sssd/language/" @@ -26,8 +26,8 @@ msgstr "" #: sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 #: sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 #: sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5 -#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_ssh_authorizedkeys.1.xml:5 -#: sss_ssh_knownhostsproxy.1.xml:5 +#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_rpcidmapd.5.xml:5 +#: sss_ssh_authorizedkeys.1.xml:5 sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" msgstr "Páginas de Manual de SSSD" @@ -137,14 +137,14 @@ msgstr "sssd.conf" #. type: Content of: <reference><refentry><refmeta><manvolnum> #: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 #: sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11 -#: sssd-ifp.5.xml:11 +#: sssd-ifp.5.xml:11 sss_rpcidmapd.5.xml:27 msgid "5" msgstr "5" #. type: Content of: <reference><refentry><refmeta><refmiscinfo> #: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 #: sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12 -#: sssd-ifp.5.xml:12 +#: sssd-ifp.5.xml:12 sss_rpcidmapd.5.xml:28 msgid "File Formats and Conventions" msgstr "Formatos de ficheiros e convenções" @@ -246,11 +246,11 @@ msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:79 sssd.conf.5.xml:511 sssd.conf.5.xml:873 -#: sssd-ldap.5.xml:1637 sssd-ldap.5.xml:1734 sssd-ldap.5.xml:1796 -#: sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2320 sssd-ldap.5.xml:2338 +#: sssd.conf.5.xml:79 sssd.conf.5.xml:554 sssd.conf.5.xml:916 +#: sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1756 +#: sssd-ldap.5.xml:2242 sssd-ldap.5.xml:2307 sssd-ldap.5.xml:2325 #: sssd-ipa.5.xml:356 sssd-ipa.5.xml:391 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:339 sssd-ad.5.xml:428 sssd-krb5.5.xml:490 +#: sssd-ad.5.xml:684 sssd-ad.5.xml:773 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "" @@ -265,16 +265,16 @@ msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:90 sssd.conf.5.xml:827 sssd.conf.5.xml:1845 -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:1511 sssd-ldap.5.xml:1530 -#: sssd-ldap.5.xml:1706 sssd-ldap.5.xml:2042 sssd-ipa.5.xml:139 +#: sssd.conf.5.xml:90 sssd.conf.5.xml:870 sssd.conf.5.xml:1933 +#: sssd-ldap.5.xml:678 sssd-ldap.5.xml:1471 sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1666 sssd-ldap.5.xml:2029 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:503 sssd-krb5.5.xml:257 #: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" msgstr "Padrão: false" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2063 +#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2050 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" @@ -296,7 +296,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1382 +#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1342 msgid "Default: 10" msgstr "Padrão: 10" @@ -311,7 +311,7 @@ msgid "The [sssd] section" msgstr "A seção [SSSD]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:2017 msgid "Section parameters" msgstr "Parâmetros de secção" @@ -352,12 +352,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:161 sssd.conf.5.xml:345 +#: sssd.conf.5.xml:161 sssd.conf.5.xml:370 msgid "reconnection_retries (integer)" msgstr "reconnection_retries (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:164 sssd.conf.5.xml:348 +#: sssd.conf.5.xml:164 sssd.conf.5.xml:373 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" @@ -366,7 +366,7 @@ msgstr "" "falha do provedor de dados ou reiniciar antes de eles desistirem" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:353 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:378 msgid "Default: 3" msgstr "Padrão: 3" @@ -386,7 +386,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 sssd.conf.5.xml:1658 +#: sssd.conf.5.xml:189 sssd.conf.5.xml:1719 msgid "re_expression (string)" msgstr "re_expression (string)" @@ -406,12 +406,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:206 sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:206 sssd.conf.5.xml:1770 msgid "full_name_format (string)" msgstr "full_name_format (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:209 sssd.conf.5.xml:1773 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -419,39 +419,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:220 sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:220 sssd.conf.5.xml:1784 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:221 sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:221 sssd.conf.5.xml:1785 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:224 sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:224 sssd.conf.5.xml:1788 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:227 sssd.conf.5.xml:1730 +#: sssd.conf.5.xml:227 sssd.conf.5.xml:1791 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:233 sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:233 sssd.conf.5.xml:1797 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:236 sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:236 sssd.conf.5.xml:1800 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:217 sssd.conf.5.xml:1781 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -549,12 +549,46 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:319 sssd-ldap.5.xml:662 sssd-ldap.5.xml:1470 -#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1564 sssd-krb5.5.xml:401 -#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214 +#: sssd.conf.5.xml:319 sssd-ldap.5.xml:649 sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1442 sssd-ldap.5.xml:1524 sssd-ad.5.xml:532 +#: sssd-ad.5.xml:597 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203 +#: include/ldap_id_mapping.xml:214 msgid "Default: not set" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:324 +#, fuzzy +#| msgid "override_homedir (string)" +msgid "override_space (string)" +msgstr "override_homedir (string)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:327 +msgid "" +"This parameter will replace spaces (space bar) with the given character for " +"user and group names. e.g. (_). User name "john doe" will be " +""john_doe" This feature was added to help compatibility with shell " +"scripts that have difficulty handling spaces, due to the default field " +"separator in the shell." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:336 +msgid "" +"Please note it is a configuration error to use a replacement character that " +"might be used in user or group names. If a name contains the replacement " +"character SSSD tries to return the unmodified name but in general the result " +"of a lookup is undefined." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:344 +#, fuzzy +#| msgid "Default: not set, i.e. the TGT is not renewable" +msgid "Default: not set (spaces will not be replaced)" +msgstr "Padrão: não definido, ou seja, o TGT não é renovável" + #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:126 msgid "" @@ -567,12 +601,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:355 msgid "SERVICES SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:332 +#: sssd.conf.5.xml:357 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -581,22 +615,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:364 msgid "General service configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:341 +#: sssd.conf.5.xml:366 msgid "These options can be used to configure any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:383 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:361 +#: sssd.conf.5.xml:386 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -606,17 +640,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:370 +#: sssd.conf.5.xml:395 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:375 +#: sssd.conf.5.xml:400 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:378 +#: sssd.conf.5.xml:403 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -624,19 +658,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:385 sssd.conf.5.xml:401 sssd.conf.5.xml:415 -#: sssd.conf.5.xml:632 sssd.conf.5.xml:792 sssd.conf.5.xml:1068 -#: sssd-ldap.5.xml:1212 +#: sssd.conf.5.xml:410 sssd.conf.5.xml:426 sssd.conf.5.xml:458 +#: sssd.conf.5.xml:675 sssd.conf.5.xml:835 sssd.conf.5.xml:1111 +#: sssd-ldap.5.xml:1172 msgid "Default: 60" msgstr "Padrão: 60" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:415 sssd.conf.5.xml:1100 msgid "force_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:393 sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1103 msgid "" "If a service is not responding to ping checks (see the <quote>timeout</" "quote> option), it is first sent the SIGTERM signal that instructs it to " @@ -646,53 +680,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 +#: sssd.conf.5.xml:431 msgid "offline_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:409 +#: sssd.conf.5.xml:434 +msgid "" +"When SSSD switches to offline mode the amount of time before it tries to go " +"back online will increase based upon the time spent disconnected. This " +"value is in seconds and calculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:441 +msgid "offline_timeout + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:444 +msgid "" +"The random offset can increment up to 30 seconds. After each unsuccessful " +"attempt to go online, the new interval is recalculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:449 +msgid "new_interval = old_interval*2 + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:452 msgid "" -"If SSSD is in offline mode, and last attempt to go online was less than " -"number of seconds specified in this option ago, new requests for data will " -"not result in attempt to go online." +"Note that the maximum length of each interval is currently limited to one " +"hour. If the calculated length of new_interval is greater than an hour, it " +"will be forced to one hour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:467 msgid "NSS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:426 +#: sssd.conf.5.xml:469 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:431 +#: sssd.conf.5.xml:474 msgid "enum_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:434 +#: sssd.conf.5.xml:477 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:481 msgid "Default: 120" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:443 +#: sssd.conf.5.xml:486 msgid "entry_cache_nowait_percentage (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:446 +#: sssd.conf.5.xml:489 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -700,7 +759,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:452 +#: sssd.conf.5.xml:495 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -710,7 +769,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:462 +#: sssd.conf.5.xml:505 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -719,17 +778,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:470 +#: sssd.conf.5.xml:513 msgid "Default: 50" msgstr "Padrão: 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:518 msgid "entry_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:478 +#: sssd.conf.5.xml:521 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -737,17 +796,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:484 sssd.conf.5.xml:851 +#: sssd.conf.5.xml:527 sssd.conf.5.xml:894 msgid "Default: 15" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:489 +#: sssd.conf.5.xml:532 msgid "filter_users, filter_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:492 +#: sssd.conf.5.xml:535 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set per-" @@ -756,41 +815,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:499 +#: sssd.conf.5.xml:542 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:504 +#: sssd.conf.5.xml:547 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:507 +#: sssd.conf.5.xml:550 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:561 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:521 +#: sssd.conf.5.xml:564 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:569 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:532 +#: sssd.conf.5.xml:575 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -798,22 +857,22 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:530 include/override_homedir.xml:51 +#: sssd.conf.5.xml:573 include/override_homedir.xml:51 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:579 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:542 +#: sssd.conf.5.xml:585 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:545 +#: sssd.conf.5.xml:588 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -821,186 +880,186 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 +#: sssd.conf.5.xml:594 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:557 +#: sssd.conf.5.xml:600 msgid "allowed_shells (string)" msgstr "allowed_shells (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:560 +#: sssd.conf.5.xml:603 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:563 +#: sssd.conf.5.xml:606 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:567 +#: sssd.conf.5.xml:610 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:572 +#: sssd.conf.5.xml:615 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:577 +#: sssd.conf.5.xml:620 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:580 +#: sssd.conf.5.xml:623 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:627 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:589 +#: sssd.conf.5.xml:632 msgid "vetoed_shells (string)" msgstr "vetoed_shells (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:592 +#: sssd.conf.5.xml:635 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:597 +#: sssd.conf.5.xml:640 msgid "shell_fallback (string)" msgstr "shell_fallback (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:643 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:604 +#: sssd.conf.5.xml:647 msgid "Default: /bin/sh" msgstr "Padrão: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:652 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:655 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:618 +#: sssd.conf.5.xml:661 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:625 sssd.conf.5.xml:785 +#: sssd.conf.5.xml:668 sssd.conf.5.xml:828 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 sssd.conf.5.xml:788 +#: sssd.conf.5.xml:671 sssd.conf.5.xml:831 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:637 +#: sssd.conf.5.xml:680 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:640 +#: sssd.conf.5.xml:683 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 sssd-ldap.5.xml:702 +#: sssd.conf.5.xml:687 sssd-ldap.5.xml:692 msgid "Default: 300" msgstr "Padrão: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:651 +#: sssd.conf.5.xml:694 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:653 +#: sssd.conf.5.xml:696 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:701 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:704 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 sssd.conf.5.xml:679 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:722 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:672 +#: sssd.conf.5.xml:715 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:675 +#: sssd.conf.5.xml:718 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:685 +#: sssd.conf.5.xml:728 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:688 +#: sssd.conf.5.xml:731 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:693 +#: sssd.conf.5.xml:736 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1008,59 +1067,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 sssd.conf.5.xml:752 +#: sssd.conf.5.xml:742 sssd.conf.5.xml:795 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:705 +#: sssd.conf.5.xml:748 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:751 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:713 +#: sssd.conf.5.xml:756 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:716 +#: sssd.conf.5.xml:759 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:719 +#: sssd.conf.5.xml:762 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:723 +#: sssd.conf.5.xml:766 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:769 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:730 sssd.8.xml:63 +#: sssd.conf.5.xml:773 sssd.8.xml:63 msgid "Default: 1" msgstr "Padrão: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:735 +#: sssd.conf.5.xml:778 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:738 +#: sssd.conf.5.xml:781 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1068,7 +1127,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:744 +#: sssd.conf.5.xml:787 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1077,17 +1136,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:758 +#: sssd.conf.5.xml:801 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:761 sssd.conf.5.xml:1235 +#: sssd.conf.5.xml:804 sssd.conf.5.xml:1292 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:807 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1095,31 +1154,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 sssd.conf.5.xml:1238 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1295 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:818 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 sssd.8.xml:79 +#: sssd.conf.5.xml:823 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:800 +#: sssd.conf.5.xml:843 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:845 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1130,34 +1189,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:862 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:822 +#: sssd.conf.5.xml:865 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:878 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:880 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:884 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:887 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1165,51 +1224,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:903 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:862 +#: sssd.conf.5.xml:905 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:866 +#: sssd.conf.5.xml:909 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:869 +#: sssd.conf.5.xml:912 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:921 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:881 +#: sssd.conf.5.xml:924 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:928 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:893 +#: sssd.conf.5.xml:936 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:938 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1221,7 +1280,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:904 +#: sssd.conf.5.xml:947 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1232,24 +1291,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:955 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:961 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:922 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:965 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:968 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1257,12 +1316,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:974 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:978 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1271,24 +1330,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:949 +#: sssd.conf.5.xml:992 msgid "DOMAIN SECTIONS" msgstr "SECÇÕES DE DOMÍNIO" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:999 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:1002 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 +#: sssd.conf.5.xml:1007 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1297,47 +1356,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1014 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:1018 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Padrão: 1 para min_id, 0 (sem limite) para max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:981 +#: sssd.conf.5.xml:1024 msgid "enumerate (bool)" msgstr "enumerate (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:984 +#: sssd.conf.5.xml:1027 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:988 +#: sssd.conf.5.xml:1031 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 +#: sssd.conf.5.xml:1034 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 sssd.conf.5.xml:1212 sssd.conf.5.xml:1321 -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1037 sssd.conf.5.xml:1269 sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1395 msgid "Default: FALSE" msgstr "Padrão: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1040 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1349,14 +1408,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1053 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1015 +#: sssd.conf.5.xml:1058 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1365,39 +1424,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1023 +#: sssd.conf.5.xml:1066 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1074 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1081 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1082 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1085 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1086 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1077 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -1406,24 +1465,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd-ldap.5.xml:1765 +#: sssd.conf.5.xml:1094 sssd-ldap.5.xml:1725 msgid "Default: none" msgstr "Padrão: none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1117 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1077 +#: sssd.conf.5.xml:1120 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1124 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -1434,137 +1493,152 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1094 +#: sssd.conf.5.xml:1137 msgid "Default: 5400" msgstr "Padrão: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1100 +#: sssd.conf.5.xml:1143 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1103 +#: sssd.conf.5.xml:1146 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 sssd.conf.5.xml:1120 sssd.conf.5.xml:1133 -#: sssd.conf.5.xml:1146 sssd.conf.5.xml:1159 sssd.conf.5.xml:1173 +#: sssd.conf.5.xml:1150 sssd.conf.5.xml:1163 sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1202 sssd.conf.5.xml:1216 +#: sssd.conf.5.xml:1230 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1156 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1116 +#: sssd.conf.5.xml:1159 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1169 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1172 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1182 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1142 +#: sssd.conf.5.xml:1185 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1195 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1198 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1208 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1211 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1222 +#, fuzzy +#| msgid "entry_cache_timeout (integer)" +msgid "entry_cache_ssh_host_timeout (integer)" +msgstr "entry_cache_timeout (integer)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1225 +msgid "" +"How many seconds to keep a host ssh key after refresh. IE how long to cache " +"the host key for." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1236 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1239 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1187 +#: sssd.conf.5.xml:1244 msgid "Currently only refreshing expired netgroups is supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1248 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1195 sssd-ipa.5.xml:221 +#: sssd.conf.5.xml:1252 sssd-ipa.5.xml:221 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1201 +#: sssd.conf.5.xml:1258 msgid "cache_credentials (bool)" msgstr "cache_credentials (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1261 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1208 +#: sssd.conf.5.xml:1265 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1217 +#: sssd.conf.5.xml:1274 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1220 +#: sssd.conf.5.xml:1277 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1573,17 +1647,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1284 msgid "Default: 0 (unlimited)" msgstr "Padrão: 0 (ilimitado)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1232 +#: sssd.conf.5.xml:1289 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1243 +#: sssd.conf.5.xml:1300 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1592,33 +1666,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1307 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1256 +#: sssd.conf.5.xml:1313 msgid "id_provider (string)" msgstr "id_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1259 +#: sssd.conf.5.xml:1316 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1320 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:1441 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 +#: sssd.conf.5.xml:1327 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1626,8 +1700,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 sssd.conf.5.xml:1364 sssd.conf.5.xml:1415 -#: sssd.conf.5.xml:1468 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1421 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1529 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1636,8 +1710,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1373 sssd.conf.5.xml:1424 -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1344 sssd.conf.5.xml:1430 sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1538 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1645,19 +1719,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1355 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1301 +#: sssd.conf.5.xml:1358 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1363 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1666,7 +1740,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1371 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -1674,17 +1748,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1326 +#: sssd.conf.5.xml:1383 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1329 +#: sssd.conf.5.xml:1386 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1332 +#: sssd.conf.5.xml:1389 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -1692,19 +1766,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1343 +#: sssd.conf.5.xml:1400 msgid "auth_provider (string)" msgstr "auth_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1346 +#: sssd.conf.5.xml:1403 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1469 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1712,7 +1786,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1414 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1720,30 +1794,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1438 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1445 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1387 +#: sssd.conf.5.xml:1448 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1393 +#: sssd.conf.5.xml:1454 msgid "access_provider (string)" msgstr "access_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1396 +#: sssd.conf.5.xml:1457 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1751,19 +1825,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1463 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1466 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1493 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1772,24 +1846,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1439 +#: sssd.conf.5.xml:1500 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1444 +#: sssd.conf.5.xml:1505 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1508 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1452 +#: sssd.conf.5.xml:1513 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1797,7 +1871,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1521 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1805,35 +1879,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1546 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1550 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1553 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1560 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1563 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1506 +#: sssd.conf.5.xml:1567 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1841,32 +1915,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1514 +#: sssd.conf.5.xml:1575 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1579 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1522 +#: sssd.conf.5.xml:1583 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1525 sssd.conf.5.xml:1594 sssd.conf.5.xml:1626 -#: sssd.conf.5.xml:1651 +#: sssd.conf.5.xml:1586 sssd.conf.5.xml:1655 sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1712 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1590 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -1877,12 +1951,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1607 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1610 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -1890,7 +1964,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1555 +#: sssd.conf.5.xml:1616 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1898,31 +1972,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1624 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1566 +#: sssd.conf.5.xml:1627 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1633 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1636 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1581 +#: sssd.conf.5.xml:1642 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1930,23 +2004,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1651 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 +#: sssd.conf.5.xml:1662 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 +#: sssd.conf.5.xml:1665 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1669 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1954,7 +2028,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1615 +#: sssd.conf.5.xml:1676 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1962,24 +2036,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 +#: sssd.conf.5.xml:1684 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1694 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1697 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1640 +#: sssd.conf.5.xml:1701 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1987,12 +2061,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1709 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 +#: sssd.conf.5.xml:1722 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -2002,7 +2076,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1731 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -2011,29 +2085,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1736 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1739 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1681 +#: sssd.conf.5.xml:1742 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1745 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1750 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -2041,7 +2115,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1695 +#: sssd.conf.5.xml:1756 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -2049,66 +2123,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1763 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1749 +#: sssd.conf.5.xml:1810 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Default: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1816 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1819 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1762 +#: sssd.conf.5.xml:1823 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1826 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1829 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1832 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1835 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1838 msgid "Default: ipv4_first" msgstr "Default: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1844 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1847 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -2116,62 +2190,97 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1792 sssd-ldap.5.xml:1196 sssd-ldap.5.xml:1238 -#: sssd-ldap.5.xml:1253 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1853 sssd-ldap.5.xml:1156 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1213 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "Padrão: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1859 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1801 +#: sssd.conf.5.xml:1862 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1866 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1811 +#: sssd.conf.5.xml:1872 msgid "override_gid (integer)" msgstr "override_gid (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1875 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1820 -msgid "case_sensitive (boolean)" +#: sssd.conf.5.xml:1881 +#, fuzzy +#| msgid "case_sensitive (boolean)" +msgid "case_sensitive (string)" msgstr "case_sensitive (boolean)" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1889 +msgid "True" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1892 +msgid "Case sensitive. This value is invalid for AD provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1898 +msgid "False" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1900 +msgid "Case insensitive." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1904 +msgid "Preserving" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1907 +msgid "" +"Same as False (case insensitive), but does not lowercase names in the output " +"of getpwnam and getgrnam." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1884 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." +"not supported in the local provider. Possible option values are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1828 sssd-ldap.5.xml:1020 sssd-ad.5.xml:397 -msgid "Default: True" -msgstr "Padrão: TRUE" +#: sssd.conf.5.xml:1916 +msgid "Default: True (False for AD provider)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1922 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 +#: sssd.conf.5.xml:1925 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -2180,22 +2289,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1851 +#: sssd.conf.5.xml:1939 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1950 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1951 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1854 +#: sssd.conf.5.xml:1942 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -2205,29 +2314,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1956 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1960 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1877 +#: sssd.conf.5.xml:1965 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1880 +#: sssd.conf.5.xml:1968 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:994 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2235,29 +2344,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1893 +#: sssd.conf.5.xml:1981 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1896 +#: sssd.conf.5.xml:1984 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1899 +#: sssd.conf.5.xml:1987 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1995 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1998 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2265,19 +2374,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1977 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1922 +#: sssd.conf.5.xml:2010 msgid "The local domain section" msgstr "A secção de domínio local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:2012 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2285,73 +2394,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1931 +#: sssd.conf.5.xml:2019 msgid "default_shell (string)" msgstr "default_shell (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:2022 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1938 +#: sssd.conf.5.xml:2026 msgid "Default: <filename>/bin/bash</filename>" msgstr "Padrão: <filename>bash/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1943 +#: sssd.conf.5.xml:2031 msgid "base_directory (string)" msgstr "base_directory (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2034 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:2039 msgid "Default: <filename>/home</filename>" msgstr "Padrão: <filename>/ home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1956 +#: sssd.conf.5.xml:2044 msgid "create_homedir (bool)" msgstr "create_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2047 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1963 sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2051 sssd.conf.5.xml:2063 msgid "Default: TRUE" msgstr "Padrão: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1968 +#: sssd.conf.5.xml:2056 msgid "remove_homedir (bool)" msgstr "remove_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:2059 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1980 +#: sssd.conf.5.xml:2068 msgid "homedir_umask (integer)" msgstr "homedir_umask (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1983 +#: sssd.conf.5.xml:2071 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2359,17 +2468,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:2079 msgid "Default: 077" msgstr "Padrão: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:2084 msgid "skel_dir (string)" msgstr "skel_dir (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1999 +#: sssd.conf.5.xml:2087 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2378,17 +2487,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2009 +#: sssd.conf.5.xml:2097 msgid "Default: <filename>/etc/skel</filename>" msgstr "Padrão: <filename>skel/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2102 msgid "mail_dir (string)" msgstr "mail_dir (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2105 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2396,17 +2505,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2112 msgid "Default: <filename>/var/mail</filename>" msgstr "Padrão: <filename>mail/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2117 msgid "userdel_cmd (string)" msgstr "userdel_cmd (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2032 +#: sssd.conf.5.xml:2120 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2414,18 +2523,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2126 msgid "Default: None, no command is run" msgstr "Padrão: None, nenhum comando é executado" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2048 sssd-ldap.5.xml:2489 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:552 sssd-ad.5.xml:447 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:2136 sssd-ldap.5.xml:2476 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:552 sssd-ad.5.xml:792 sssd-krb5.5.xml:519 +#: sss_rpcidmapd.5.xml:98 msgid "EXAMPLE" msgstr "EXEMPLO" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2142 #, no-wrap msgid "" "[sssd]\n" @@ -2479,7 +2589,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2050 +#: sssd.conf.5.xml:2138 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2625,7 +2735,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:645 sssd-ad.5.xml:212 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:632 sssd-ad.5.xml:212 msgid "Examples:" msgstr "Exemplos:" @@ -2829,7 +2939,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:830 msgid "Default: gidNumber" msgstr "" @@ -2880,60 +2990,45 @@ msgstr "Padrão: diret" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:341 -msgid "ldap_user_uuid (string)" -msgstr "ldap_user_uuid (string)" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:344 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:866 sssd-ldap.5.xml:1103 -msgid "Default: nsUniqueId" -msgstr "Padrão: nsUniqueId" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:354 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:344 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:880 +#: sssd-ldap.5.xml:349 sssd-ldap.5.xml:857 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:369 +#: sssd-ldap.5.xml:356 msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:890 sssd-ldap.5.xml:1112 +#: sssd-ldap.5.xml:359 sssd-ldap.5.xml:867 sssd-ldap.5.xml:1072 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:894 sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:363 sssd-ldap.5.xml:871 sssd-ldap.5.xml:1079 msgid "Default: modifyTimestamp" msgstr "Padrão: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:382 +#: sssd-ldap.5.xml:369 msgid "ldap_user_shadow_last_change (string)" msgstr "ldap_user_shadow_last_change (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:385 +#: sssd-ldap.5.xml:372 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2942,17 +3037,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:382 msgid "Default: shadowLastChange" msgstr "Padrão: shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:401 +#: sssd-ldap.5.xml:388 msgid "ldap_user_shadow_min (string)" msgstr "ldap_user_shadow_min (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:391 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2961,17 +3056,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:413 +#: sssd-ldap.5.xml:400 msgid "Default: shadowMin" msgstr "Padrão: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:419 +#: sssd-ldap.5.xml:406 msgid "ldap_user_shadow_max (string)" msgstr "ldap_user_shadow_max (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:422 +#: sssd-ldap.5.xml:409 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2980,17 +3075,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 +#: sssd-ldap.5.xml:418 msgid "Default: shadowMax" msgstr "Padrão: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 +#: sssd-ldap.5.xml:424 msgid "ldap_user_shadow_warning (string)" msgstr "ldap_user_shadow_warning (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 +#: sssd-ldap.5.xml:427 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2999,17 +3094,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 +#: sssd-ldap.5.xml:437 msgid "Default: shadowWarning" msgstr "Padrão: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 +#: sssd-ldap.5.xml:443 msgid "ldap_user_shadow_inactive (string)" msgstr "ldap_user_shadow_inactive (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 +#: sssd-ldap.5.xml:446 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3018,17 +3113,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:469 +#: sssd-ldap.5.xml:456 msgid "Default: shadowInactive" msgstr "Padrão: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:475 +#: sssd-ldap.5.xml:462 msgid "ldap_user_shadow_expire (string)" msgstr "ldap_user_shadow_expire (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:478 +#: sssd-ldap.5.xml:465 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -3037,17 +3132,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:488 +#: sssd-ldap.5.xml:475 msgid "Default: shadowExpire" msgstr "Padrão: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:494 +#: sssd-ldap.5.xml:481 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "ldap_user_krb_last_pwd_change (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:497 +#: sssd-ldap.5.xml:484 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -3055,155 +3150,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 +#: sssd-ldap.5.xml:490 msgid "Default: krbLastPwdChange" msgstr "Padrão: krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:509 +#: sssd-ldap.5.xml:496 msgid "ldap_user_krb_password_expiration (string)" msgstr "ldap_user_krb_password_expiration (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:512 +#: sssd-ldap.5.xml:499 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:518 +#: sssd-ldap.5.xml:505 msgid "Default: krbPasswordExpiration" msgstr "Padrão: krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:524 +#: sssd-ldap.5.xml:511 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:519 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:538 +#: sssd-ldap.5.xml:525 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:528 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:546 +#: sssd-ldap.5.xml:533 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:552 +#: sssd-ldap.5.xml:539 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:542 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:547 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:553 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:556 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:573 sssd-ldap.5.xml:587 +#: sssd-ldap.5.xml:560 sssd-ldap.5.xml:574 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:579 +#: sssd-ldap.5.xml:566 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:582 +#: sssd-ldap.5.xml:569 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:593 +#: sssd-ldap.5.xml:580 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:583 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:601 +#: sssd-ldap.5.xml:588 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:607 +#: sssd-ldap.5.xml:594 msgid "ldap_user_principal (string)" msgstr "ldap_user_principal (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:597 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:614 +#: sssd-ldap.5.xml:601 msgid "Default: krbPrincipalName" msgstr "Padrão: krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:620 +#: sssd-ldap.5.xml:607 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:623 +#: sssd-ldap.5.xml:610 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:628 +#: sssd-ldap.5.xml:615 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -3213,7 +3308,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:625 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -3221,46 +3316,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 +#: sssd-ldap.5.xml:635 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:638 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:642 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:645 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:655 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:671 +#: sssd-ldap.5.xml:658 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:662 +#, fuzzy +#| msgid "Default: True" +msgid "Default: sshPublicKey" +msgstr "Padrão: TRUE" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:668 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:671 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -3269,24 +3371,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:694 +#: sssd-ldap.5.xml:684 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 +#: sssd-ldap.5.xml:687 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:698 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 +#: sssd-ldap.5.xml:701 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -3294,53 +3396,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:707 msgid "Setting this option to zero will disable the cache cleanup operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:721 -msgid "Default: 10800 (12 hours)" +#: sssd-ldap.5.xml:711 +#, fuzzy +#| msgid "Default: 10800 (12 hours)" +msgid "Default: 10800 (3 hours)" msgstr "Padrão: 10800 (12 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:727 +#: sssd-ldap.5.xml:717 msgid "ldap_user_fullname (string)" msgstr "ldap_user_fullname (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:730 +#: sssd-ldap.5.xml:720 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 sssd-ldap.5.xml:827 sssd-ldap.5.xml:1053 -#: sssd-ldap.5.xml:1144 sssd-ldap.5.xml:2084 sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:724 sssd-ldap.5.xml:817 sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1104 sssd-ldap.5.xml:2071 sssd-ldap.5.xml:2410 msgid "Default: cn" msgstr "Padrão: NC" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:730 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:743 +#: sssd-ldap.5.xml:733 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:737 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:753 +#: sssd-ldap.5.xml:743 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:756 +#: sssd-ldap.5.xml:746 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -3348,14 +3452,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:763 +#: sssd-ldap.5.xml:753 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:758 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -3363,17 +3467,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:765 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:771 msgid "ldap_user_authorized_host (string)" msgstr "ldap_user_authorized_host (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:784 +#: sssd-ldap.5.xml:774 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -3381,14 +3485,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:790 +#: sssd-ldap.5.xml:780 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:785 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -3396,101 +3500,91 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:802 +#: sssd-ldap.5.xml:792 msgid "Default: host" msgstr "Padrão: host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:798 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 +#: sssd-ldap.5.xml:801 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:804 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:810 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:823 +#: sssd-ldap.5.xml:813 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:823 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:826 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:846 +#: sssd-ldap.5.xml:836 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:849 +#: sssd-ldap.5.xml:839 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:843 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:872 +#: sssd-ldap.5.xml:849 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:875 +#: sssd-ldap.5.xml:852 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:864 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:877 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:880 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:885 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -3498,17 +3592,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:914 +#: sssd-ldap.5.xml:891 msgid "Default: groupType in the AD provider, othewise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:921 +#: sssd-ldap.5.xml:898 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:924 +#: sssd-ldap.5.xml:901 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -3516,7 +3610,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:908 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -3526,7 +3620,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:940 +#: sssd-ldap.5.xml:917 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later it " @@ -3535,17 +3629,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:947 +#: sssd-ldap.5.xml:924 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:930 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:933 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3553,14 +3647,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:939 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 sssd-ldap.5.xml:994 +#: sssd-ldap.5.xml:944 sssd-ldap.5.xml:971 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3568,7 +3662,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:950 sssd-ldap.5.xml:977 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -3577,18 +3671,18 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 sssd-ldap.5.xml:1006 sssd-ldap.5.xml:1311 -#: sssd-ldap.5.xml:1332 sssd-ldap.5.xml:1838 include/ldap_id_mapping.xml:242 +#: sssd-ldap.5.xml:956 sssd-ldap.5.xml:983 sssd-ldap.5.xml:1271 +#: sssd-ldap.5.xml:1292 sssd-ldap.5.xml:1798 include/ldap_id_mapping.xml:242 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:985 +#: sssd-ldap.5.xml:962 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:988 +#: sssd-ldap.5.xml:965 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3596,184 +3690,173 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:989 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1015 +#: sssd-ldap.5.xml:992 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:997 sssd-ad.5.xml:742 sss_rpcidmapd.5.xml:76 +msgid "Default: True" +msgstr "Padrão: TRUE" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1003 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1006 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1009 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1013 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1019 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1045 +#: sssd-ldap.5.xml:1022 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1049 +#: sssd-ldap.5.xml:1026 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1059 +#: sssd-ldap.5.xml:1036 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1039 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 +#: sssd-ldap.5.xml:1043 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1047 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1053 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1056 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1116 +#: sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1076 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1086 +#: sssd-ldap.5.xml:1063 msgid "Default: nisNetgroupTriple" msgstr "Padrão: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1092 -msgid "ldap_netgroup_uuid (string)" -msgstr "ldap_netgroup_uuid (string)" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1095 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1099 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1109 +#: sssd-ldap.5.xml:1069 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1088 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1091 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1097 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1100 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1110 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1113 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1117 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1123 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1166 +#: sssd-ldap.5.xml:1126 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1130 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1176 +#: sssd-ldap.5.xml:1136 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1141 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -3781,7 +3864,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1190 +#: sssd-ldap.5.xml:1150 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -3789,12 +3872,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1162 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1205 +#: sssd-ldap.5.xml:1165 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -3802,12 +3885,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1178 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1181 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -3818,12 +3901,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1204 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:1207 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -3831,12 +3914,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1219 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1262 +#: sssd-ldap.5.xml:1222 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -3845,34 +3928,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:1230 sssd-ldap.5.xml:2228 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1236 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1239 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1244 msgid "Default: 1000" msgstr "Padrão: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1250 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1293 +#: sssd-ldap.5.xml:1253 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -3880,14 +3963,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1259 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1265 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -3895,17 +3978,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1277 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1280 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1323 +#: sssd-ldap.5.xml:1283 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -3915,12 +3998,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1298 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1301 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -3928,17 +4011,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1307 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1314 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1317 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -3946,13 +4029,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1323 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1327 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -3961,7 +4044,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1335 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -3969,19 +4052,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1348 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 +#: sssd-ldap.5.xml:1351 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1397 +#: sssd-ldap.5.xml:1357 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -3990,7 +4073,7 @@ msgstr "" "qualquer certificado de servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1361 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3998,7 +4081,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1368 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -4006,7 +4089,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1374 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -4014,41 +4097,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1380 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1424 +#: sssd-ldap.5.xml:1384 msgid "Default: hard" msgstr "Padrão: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1390 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1393 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1438 sssd-ldap.5.xml:1456 sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1398 sssd-ldap.5.xml:1416 sssd-ldap.5.xml:1457 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1445 +#: sssd-ldap.5.xml:1405 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1408 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -4057,32 +4140,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1463 +#: sssd-ldap.5.xml:1423 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1466 +#: sssd-ldap.5.xml:1426 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1436 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1439 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1448 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1451 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -4090,24 +4173,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1504 +#: sssd-ldap.5.xml:1464 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1477 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1480 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -4115,17 +4198,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1486 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1496 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1499 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -4136,29 +4219,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1511 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1517 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1530 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1533 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -4167,17 +4250,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1541 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1547 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1590 +#: sssd-ldap.5.xml:1550 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -4185,50 +4268,50 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1556 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1562 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1565 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1570 msgid "Default: false;" msgstr "Padrão: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1576 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1619 +#: sssd-ldap.5.xml:1579 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1622 +#: sssd-ldap.5.xml:1582 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Padrão: Sistema keytab, normalmente <filename>/etc/krb5.keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1628 +#: sssd-ldap.5.xml:1588 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1631 +#: sssd-ldap.5.xml:1591 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -4236,27 +4319,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1643 +#: sssd-ldap.5.xml:1603 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1606 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 sssd-ad.5.xml:383 +#: sssd-ldap.5.xml:1610 sssd-ad.5.xml:728 msgid "Default: 86400 (24 hours)" msgstr "Padrão: 86400 (24 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 +#: sssd-ldap.5.xml:1619 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4268,7 +4351,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1671 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1631 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4276,7 +4359,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1636 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4284,39 +4367,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1645 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1688 +#: sssd-ldap.5.xml:1648 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1651 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1697 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1657 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1660 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1712 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1672 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1715 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1675 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4326,7 +4409,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1726 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1686 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4334,26 +4417,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1740 +#: sssd-ldap.5.xml:1700 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1703 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1708 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1753 +#: sssd-ldap.5.xml:1713 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4361,7 +4444,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1759 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4369,31 +4452,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1768 +#: sssd-ldap.5.xml:1728 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1736 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1739 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1743 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1788 +#: sssd-ldap.5.xml:1748 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4402,56 +4485,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1762 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 +#: sssd-ldap.5.xml:1765 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1809 +#: sssd-ldap.5.xml:1769 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1775 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1778 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1823 +#: sssd-ldap.5.xml:1783 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1789 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1792 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1804 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1847 +#: sssd-ldap.5.xml:1807 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4467,12 +4550,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1867 +#: sssd-ldap.5.xml:1827 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1870 +#: sssd-ldap.5.xml:1830 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4481,14 +4564,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1874 +#: sssd-ldap.5.xml:1834 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1839 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4497,24 +4580,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1887 sssd-ldap.5.xml:1944 +#: sssd-ldap.5.xml:1847 sssd-ldap.5.xml:1904 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1853 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1856 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:1860 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4522,19 +4605,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1907 +#: sssd-ldap.5.xml:1867 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1910 +#: sssd-ldap.5.xml:1870 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1875 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4543,7 +4626,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1922 +#: sssd-ldap.5.xml:1882 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4551,7 +4634,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1928 +#: sssd-ldap.5.xml:1888 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4560,7 +4643,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1897 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -4568,108 +4651,142 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1910 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1953 +#: sssd-ldap.5.xml:1913 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1917 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:1920 +msgid "" +"<emphasis>lockout</emphasis>: use account locking. If set, this option " +"denies access in case that ldap attribute 'pwdAccountLockedTime' is present " +"and has value of '000001010000Z'. Please see the option ldap_pwdlockout_dn." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1927 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1931 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1969 +#: sssd-ldap.5.xml:1936 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:1940 msgid "Default: filter" msgstr "Padrão: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1943 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1983 +#: sssd-ldap.5.xml:1950 +#, fuzzy +#| msgid "ldap_pwd_policy (string)" +msgid "ldap_pwdlockout_dn (string)" +msgstr "ldap_pwd_policy (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1953 +msgid "" +"This option specifies the DN of password policy entry on LDAP server. Please " +"note that absence of this option in sssd.conf in case of enabled account " +"lockout checking will yield access denied as ppolicy attributes on LDAP " +"server cannot be checked properly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1961 +msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1964 +msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1970 msgid "ldap_deref (string)" msgstr "ldap_deref (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:1973 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:1978 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:1982 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:1987 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2005 +#: sssd-ldap.5.xml:1992 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2010 +#: sssd-ldap.5.xml:1997 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2018 +#: sssd-ldap.5.xml:2005 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2008 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2012 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -4680,7 +4797,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2036 +#: sssd-ldap.5.xml:2023 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -4698,12 +4815,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2052 +#: sssd-ldap.5.xml:2039 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2054 +#: sssd-ldap.5.xml:2041 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -4711,208 +4828,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2052 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2055 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2071 +#: sssd-ldap.5.xml:2058 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2064 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2067 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2090 +#: sssd-ldap.5.xml:2077 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2080 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2097 +#: sssd-ldap.5.xml:2084 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2103 +#: sssd-ldap.5.xml:2090 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2093 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2111 +#: sssd-ldap.5.xml:2098 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2117 +#: sssd-ldap.5.xml:2104 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2120 +#: sssd-ldap.5.xml:2107 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2111 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2130 +#: sssd-ldap.5.xml:2117 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2133 +#: sssd-ldap.5.xml:2120 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2137 +#: sssd-ldap.5.xml:2124 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2143 +#: sssd-ldap.5.xml:2130 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2146 +#: sssd-ldap.5.xml:2133 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2150 +#: sssd-ldap.5.xml:2137 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2143 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2146 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2150 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2156 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2159 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2176 +#: sssd-ldap.5.xml:2163 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2182 +#: sssd-ldap.5.xml:2169 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2172 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2177 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2183 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2199 +#: sssd-ldap.5.xml:2186 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2203 +#: sssd-ldap.5.xml:2190 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:2196 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2199 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2204 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2209 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2215 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2218 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4920,101 +5037,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2237 +#: sssd-ldap.5.xml:2224 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2234 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2237 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2248 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2264 +#: sssd-ldap.5.xml:2251 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2256 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2315 -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2261 sssd-ldap.5.xml:2284 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2320 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2279 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2266 sssd-ldap.5.xml:2289 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2272 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2288 +#: sssd-ldap.5.xml:2275 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2293 +#: sssd-ldap.5.xml:2280 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2295 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2311 +#: sssd-ldap.5.xml:2298 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2326 +#: sssd-ldap.5.xml:2313 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2316 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2345 +#: sssd-ldap.5.xml:2332 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -5023,91 +5140,91 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2342 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2344 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2350 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2366 +#: sssd-ldap.5.xml:2353 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2369 +#: sssd-ldap.5.xml:2356 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2376 +#: sssd-ldap.5.xml:2363 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2379 sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2392 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2369 sssd-ldap.5.xml:2396 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2376 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2379 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2382 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2402 +#: sssd-ldap.5.xml:2389 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2416 +#: sssd-ldap.5.xml:2403 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2419 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:2406 sssd-ldap.5.xml:2420 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2430 +#: sssd-ldap.5.xml:2417 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2437 +#: sssd-ldap.5.xml:2424 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2348 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -5116,37 +5233,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2434 msgid "ADVANCED OPTIONS" msgstr "OPÇÕES AVANÇADAS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2441 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2459 +#: sssd-ldap.5.xml:2446 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2451 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2469 +#: sssd-ldap.5.xml:2456 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2461 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2449 +#: sssd-ldap.5.xml:2436 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -5154,7 +5271,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2491 +#: sssd-ldap.5.xml:2478 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -5162,7 +5279,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2484 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -5175,20 +5292,20 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2496 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 -#: sssd-ad.5.xml:455 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2483 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 +#: sssd-ad.5.xml:800 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2509 sssd_krb5_locator_plugin.8.xml:61 -#: sssd-simple.5.xml:148 sssd-ad.5.xml:470 sssd.8.xml:191 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2496 sssd_krb5_locator_plugin.8.xml:61 +#: sssd-simple.5.xml:148 sssd-ad.5.xml:815 sssd.8.xml:195 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTAS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2498 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5670,7 +5787,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:320 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:665 msgid "dyndns_update (boolean)" msgstr "" @@ -5685,7 +5802,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:334 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:679 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -5700,12 +5817,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:345 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:690 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:348 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:693 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -5726,12 +5843,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:359 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:704 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:362 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:707 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -5773,12 +5890,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:373 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:718 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:376 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:721 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -5786,12 +5903,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:389 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:734 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:392 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:737 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -5810,19 +5927,19 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:403 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:748 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:406 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:751 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:410 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:755 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -5916,7 +6033,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:359 sssd-ad.5.xml:776 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -6003,7 +6120,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 sssd-ad.5.xml:330 msgid "Default: 5 (seconds)" msgstr "" @@ -6461,9 +6578,396 @@ msgstr "" msgid "Default: permissive" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:320 +#, fuzzy +#| msgid "entry_cache_timeout (integer)" +msgid "ad_gpo_cache_timeout (integer)" +msgstr "entry_cache_timeout (integer)" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:323 msgid "" +"The amount of time between lookups of GPO policy files against the AD " +"server. This will reduce the latency and load on the AD server if there are " +"many access-control requests made in a short period." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:336 +#, fuzzy +#| msgid "ldap_user_shadow_inactive (string)" +msgid "ad_gpo_map_interactive (string)" +msgstr "ldap_user_shadow_inactive (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:339 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the InteractiveLogonRight and " +"DenyInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:354 +#, no-wrap +msgid "" +" ad_gpo_map_interactive = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:345 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>login</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:358 sssd-ad.5.xml:423 sssd-ad.5.xml:458 sssd-ad.5.xml:498 +#: sssd-ad.5.xml:559 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:362 +#, fuzzy +#| msgid "login name" +msgid "login" +msgstr "nome de login" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:367 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:372 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:377 +msgid "gdm-fingerprint" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:382 +msgid "gdm-password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:387 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:392 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:401 +#, fuzzy +#| msgid "ldap_user_shadow_inactive (string)" +msgid "ad_gpo_map_remote_interactive (string)" +msgstr "ldap_user_shadow_inactive (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:404 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the RemoteInteractiveLogonRight and " +"DenyRemoteInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:419 +#, no-wrap +msgid "" +" ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:410 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>sshd</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:427 +msgid "sshd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:436 +#, fuzzy +#| msgid "ldap_deref (string)" +msgid "ad_gpo_map_network (string)" +msgstr "ldap_deref (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:439 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the NetworkLogonRight and " +"DenyNetworkLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:454 +#, no-wrap +msgid "" +" ad_gpo_map_network = +my_pam_service, -ftp\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>ftp</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:462 +msgid "ftp" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:467 +msgid "samba" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:476 +#, fuzzy +#| msgid "ldap_sasl_authid (string)" +msgid "ad_gpo_map_batch (string)" +msgstr "ldap_sasl_authid (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:479 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " +"policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:494 +#, no-wrap +msgid "" +" ad_gpo_map_batch = +my_pam_service, -crond\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:485 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>crond</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:502 +msgid "crond" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:511 +#, fuzzy +#| msgid "ldap_deref (string)" +msgid "ad_gpo_map_service (string)" +msgstr "ldap_deref (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:514 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the ServiceLogonRight and " +"DenyServiceLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:528 +#, no-wrap +msgid "" +" ad_gpo_map_service = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:520 sssd-ad.5.xml:585 +msgid "" +"It is possible to add a PAM service name to the default set by using <quote>" +"+service_name</quote>. Since the default set is empty, it is not possible " +"to remove a PAM service name from the default set. For example, in order to " +"add a custom pam service name (e.g. <quote>my_pam_service</quote>), you " +"would use the following configuration: <placeholder type=\"programlisting\" " +"id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:538 +#, fuzzy +#| msgid "ldap_deref (string)" +msgid "ad_gpo_map_permit (string)" +msgstr "ldap_deref (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:541 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always granted, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:555 +#, no-wrap +msgid "" +" ad_gpo_map_permit = +my_pam_service, -sudo\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:546 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for unconditionally permitted " +"access (e.g. <quote>sudo</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:563 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:568 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:577 +#, fuzzy +#| msgid "ldap_deref (string)" +msgid "ad_gpo_map_deny (string)" +msgstr "ldap_deref (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:580 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always denied, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:593 +#, no-wrap +msgid "" +" ad_gpo_map_deny = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:603 +#, fuzzy +#| msgid "default_shell (string)" +msgid "ad_gpo_default_right (string)" +msgstr "default_shell (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:606 +msgid "" +"This option defines how access control is evaluated for PAM service names " +"that are not explicitly listed in one of the ad_gpo_map_* options. This " +"option can be set in two different manners. First, this option can be set to " +"use a default logon right. For example, if this option is set to " +"'interactive', it means that unmapped PAM service names will be processed " +"based on the InteractiveLogonRight and DenyInteractiveLogonRight policy " +"settings. Alternatively, this option can be set to either always permit or " +"always deny access for unmapped PAM service names." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:619 +msgid "Supported values for this option include:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:623 +msgid "interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:628 +msgid "remote_interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:633 +msgid "network" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:638 +msgid "batch" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:643 +#, fuzzy +#| msgid "services" +msgid "service" +msgstr "serviços" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:648 +msgid "permit" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:653 +msgid "deny" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:659 +#, fuzzy +#| msgid "Default: cn" +msgid "Default: deny" +msgstr "Padrão: NC" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:668 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -6473,29 +6977,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:353 +#: sssd-ad.5.xml:698 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:712 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:419 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:764 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:422 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:767 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:449 +#: sssd-ad.5.xml:794 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6503,7 +7007,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:456 +#: sssd-ad.5.xml:801 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -6518,7 +7022,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:476 +#: sssd-ad.5.xml:821 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6527,7 +7031,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:817 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -6535,10 +7039,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:482 +#: sssd-ad.5.xml:827 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " -"configured, the default access provider is <quote>permit</quote>." +"configured, the default access provider is <quote>permit</quote>. Please " +"note that if you configure an access provider other than <quote>ad</quote>, " +"you need to set all the connection parameters (such as LDAP URIs and " +"encryption details) manually." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> @@ -6918,24 +7425,27 @@ msgstr "SIGUSR1" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." +"Tells the SSSD to simulate offline operation for the duration of the " +"<quote>offline_timeout</quote> parameter. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 +#: sssd.8.xml:182 msgid "SIGUSR2" msgstr "SIGUSR2" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 +#: sssd.8.xml:185 msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." +"Tells the SSSD to go online immediately. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 +#: sssd.8.xml:197 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -8118,13 +8628,44 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:162 +#, fuzzy +#| msgid "" +#| "<option>-f</option>,<option>--file</option> <replaceable>FILE</" +#| "replaceable>" msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"<option>-h</option>,<option>--ssh-host</option> <replaceable>hostname</" "replaceable>" msgstr "" +"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:167 +msgid "Invalidate SSH public keys of a specific host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:173 +#, fuzzy +#| msgid "<option>-s</option>,<option>--stdin</option>" +msgid "<option>-H</option>,<option>--ssh-hosts</option>" +msgstr "<option>-s</option>,<option>--stdin</option>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:177 +msgid "" +"Invalidate SSH public keys of all hosts. This option overrides invalidation " +"of SSH public keys of specific host if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:185 +msgid "" +"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:190 msgid "Restrict invalidation process only to a particular domain." msgstr "" @@ -8421,6 +8962,155 @@ msgstr "" msgid "Default: not set. Only the default set of POSIX attributes is allowed." msgstr "" +#. type: Content of: <reference><refentry><refentryinfo> +#: sss_rpcidmapd.5.xml:8 +msgid "" +"<productname>sss rpc.idmapd plugin</productname> <author> <firstname>Noam</" +"firstname> <surname>Meltzer</surname> <affiliation> <orgname>Primary Data " +"Inc.</orgname> </affiliation> <contrib>Developer (2013-2014)</contrib> </" +"author> <author> <firstname>Noam</firstname> <surname>Meltzer</surname> " +"<contrib>Developer (2014-)</contrib> <email>tsnoam@gmail.com</email> </" +"author>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_rpcidmapd.5.xml:26 sss_rpcidmapd.5.xml:32 +#, fuzzy +#| msgid "sss_groupmod" +msgid "sss_rpcidmapd" +msgstr "sss_groupmod" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_rpcidmapd.5.xml:33 +msgid "sss plugin configuration directives for rpc.idmapd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:37 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "CONFIGURATION FILE" +msgstr "OPÇÕES DE CONFIGURAÇÃO" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:39 +msgid "" +"rpc.idmapd configuration file is usually found at <emphasis>/etc/idmapd." +"conf</emphasis>. See <citerefentry> <refentrytitle>idmapd.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more information." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:49 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "SSS CONFIGURATION EXTENSION" +msgstr "OPÇÕES DE CONFIGURAÇÃO" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:51 +msgid "Enable SSS plugin" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:53 +msgid "" +"In section <quote>[Translation]</quote>, modify/set <quote>Method</quote> " +"attribute to contain <emphasis>sss</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:59 +#, fuzzy +#| msgid "The [sssd] section" +msgid "[sss] config section" +msgstr "A seção [SSSD]" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:61 +msgid "" +"In order to change the default of one of the configuration attributes of the " +"<emphasis>sss</emphasis> plugin listed below you will need to create a " +"config section for it, named <quote>[sss]</quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> +#: sss_rpcidmapd.5.xml:67 +#, fuzzy +#| msgid "Configuration" +msgid "Configuration attributes" +msgstr "Configuração" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sss_rpcidmapd.5.xml:69 +#, fuzzy +#| msgid "enumerate (bool)" +msgid "memcache (bool)" +msgstr "enumerate (bool)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sss_rpcidmapd.5.xml:72 +msgid "Indicates whether or not to use memcache optimisation technique." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:85 +msgid "SSSD INTEGRATION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:87 +msgid "" +"The sss plugin requires the <emphasis>NSS Responder</emphasis> to be enabled " +"in sssd." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:91 +msgid "" +"The attribute <quote>use_fully_qualified_names</quote> must be enabled on " +"all domains (NFSv4 clients expect a fully qualified name to be sent on the " +"wire)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_rpcidmapd.5.xml:103 +#, no-wrap +msgid "" +"[General]\n" +"Verbosity = 2\n" +"# domain must be synced between NFSv4 server and clients\n" +"# Solaris/Illumos/AIX use \"localdomain\" as default!\n" +"Domain = default\n" +"\n" +"[Mapping]\n" +"Nobody-User = nfsnobody\n" +"Nobody-Group = nfsnobody\n" +"\n" +"[Translation]\n" +"Method = sss\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:100 +msgid "" +"The following example shows a minimal idmapd.conf which makes use of the sss " +"plugin. <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <refsect1><title> +#: sss_rpcidmapd.5.xml:120 include/seealso.xml:2 +msgid "SEE ALSO" +msgstr "VER TAMBÉM" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:122 +msgid "" +"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>idmapd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>" +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 msgid "sss_ssh_authorizedkeys" @@ -9251,11 +9941,6 @@ msgid "" "local LDB storage to store users and groups." msgstr "" -#. type: Content of: <refsect1><title> -#: include/seealso.xml:2 -msgid "SEE ALSO" -msgstr "VER TAMBÉM" - #. type: Content of: <refsect1><para> #: include/seealso.xml:4 msgid "" @@ -9296,7 +9981,9 @@ msgid "" "manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> " "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>. <citerefentry> " +"<refentrytitle>sss_rpcidmapd</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>" msgstr "" #. type: Content of: <listitem><para> @@ -9440,3 +10127,12 @@ msgstr "" #: include/homedir_substring.xml:15 msgid "Default: /home" msgstr "" + +#~ msgid "ldap_user_uuid (string)" +#~ msgstr "ldap_user_uuid (string)" + +#~ msgid "Default: nsUniqueId" +#~ msgstr "Padrão: nsUniqueId" + +#~ msgid "ldap_netgroup_uuid (string)" +#~ msgstr "ldap_netgroup_uuid (string)" diff --git a/src/man/po/ru.po b/src/man/po/ru.po index 33853c70a..99f3aed27 100644 --- a/src/man/po/ru.po +++ b/src/man/po/ru.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2014-07-09 19:18+0300\n" +"POT-Creation-Date: 2014-09-08 20:55+0300\n" "PO-Revision-Date: 2014-06-04 18:04+0000\n" "Last-Translator: jhrozek <jhrozek@redhat.com>\n" "Language-Team: Russian (http://www.transifex.com/projects/p/sssd/language/" @@ -27,8 +27,8 @@ msgstr "" #: sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 #: sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 #: sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5 -#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_ssh_authorizedkeys.1.xml:5 -#: sss_ssh_knownhostsproxy.1.xml:5 +#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_rpcidmapd.5.xml:5 +#: sss_ssh_authorizedkeys.1.xml:5 sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" msgstr "Справка по SSSD" @@ -124,14 +124,14 @@ msgstr "sssd.CONF" #. type: Content of: <reference><refentry><refmeta><manvolnum> #: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 #: sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11 -#: sssd-ifp.5.xml:11 +#: sssd-ifp.5.xml:11 sss_rpcidmapd.5.xml:27 msgid "5" msgstr "5" #. type: Content of: <reference><refentry><refmeta><refmiscinfo> #: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 #: sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12 -#: sssd-ifp.5.xml:12 +#: sssd-ifp.5.xml:12 sss_rpcidmapd.5.xml:28 msgid "File Formats and Conventions" msgstr "" @@ -223,11 +223,11 @@ msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:79 sssd.conf.5.xml:511 sssd.conf.5.xml:873 -#: sssd-ldap.5.xml:1637 sssd-ldap.5.xml:1734 sssd-ldap.5.xml:1796 -#: sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2320 sssd-ldap.5.xml:2338 +#: sssd.conf.5.xml:79 sssd.conf.5.xml:554 sssd.conf.5.xml:916 +#: sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1756 +#: sssd-ldap.5.xml:2242 sssd-ldap.5.xml:2307 sssd-ldap.5.xml:2325 #: sssd-ipa.5.xml:356 sssd-ipa.5.xml:391 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:339 sssd-ad.5.xml:428 sssd-krb5.5.xml:490 +#: sssd-ad.5.xml:684 sssd-ad.5.xml:773 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "" @@ -242,16 +242,16 @@ msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:90 sssd.conf.5.xml:827 sssd.conf.5.xml:1845 -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:1511 sssd-ldap.5.xml:1530 -#: sssd-ldap.5.xml:1706 sssd-ldap.5.xml:2042 sssd-ipa.5.xml:139 +#: sssd.conf.5.xml:90 sssd.conf.5.xml:870 sssd.conf.5.xml:1933 +#: sssd-ldap.5.xml:678 sssd-ldap.5.xml:1471 sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1666 sssd-ldap.5.xml:2029 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:503 sssd-krb5.5.xml:257 #: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" msgstr "По умолчанию: false" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2063 +#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2050 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" @@ -273,7 +273,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1382 +#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1342 msgid "Default: 10" msgstr "По умолчанию: 10" @@ -288,7 +288,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:2017 msgid "Section parameters" msgstr "" @@ -325,19 +325,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:161 sssd.conf.5.xml:345 +#: sssd.conf.5.xml:161 sssd.conf.5.xml:370 msgid "reconnection_retries (integer)" msgstr "попыток_соединения (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:164 sssd.conf.5.xml:348 +#: sssd.conf.5.xml:164 sssd.conf.5.xml:373 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:353 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:378 msgid "Default: 3" msgstr "По умолчанию: 3" @@ -357,7 +357,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 sssd.conf.5.xml:1658 +#: sssd.conf.5.xml:189 sssd.conf.5.xml:1719 msgid "re_expression (string)" msgstr "" @@ -377,12 +377,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:206 sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:206 sssd.conf.5.xml:1770 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:209 sssd.conf.5.xml:1773 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -390,39 +390,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:220 sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:220 sssd.conf.5.xml:1784 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:221 sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:221 sssd.conf.5.xml:1785 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:224 sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:224 sssd.conf.5.xml:1788 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:227 sssd.conf.5.xml:1730 +#: sssd.conf.5.xml:227 sssd.conf.5.xml:1791 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:233 sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:233 sssd.conf.5.xml:1797 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:236 sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:236 sssd.conf.5.xml:1800 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:217 sssd.conf.5.xml:1781 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -520,12 +520,42 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:319 sssd-ldap.5.xml:662 sssd-ldap.5.xml:1470 -#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1564 sssd-krb5.5.xml:401 -#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214 +#: sssd.conf.5.xml:319 sssd-ldap.5.xml:649 sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1442 sssd-ldap.5.xml:1524 sssd-ad.5.xml:532 +#: sssd-ad.5.xml:597 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203 +#: include/ldap_id_mapping.xml:214 msgid "Default: not set" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:324 +msgid "override_space (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:327 +msgid "" +"This parameter will replace spaces (space bar) with the given character for " +"user and group names. e.g. (_). User name "john doe" will be " +""john_doe" This feature was added to help compatibility with shell " +"scripts that have difficulty handling spaces, due to the default field " +"separator in the shell." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:336 +msgid "" +"Please note it is a configuration error to use a replacement character that " +"might be used in user or group names. If a name contains the replacement " +"character SSSD tries to return the unmodified name but in general the result " +"of a lookup is undefined." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:344 +msgid "Default: not set (spaces will not be replaced)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:126 msgid "" @@ -538,12 +568,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:355 msgid "SERVICES SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:332 +#: sssd.conf.5.xml:357 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -552,22 +582,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:364 msgid "General service configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:341 +#: sssd.conf.5.xml:366 msgid "These options can be used to configure any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:383 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:361 +#: sssd.conf.5.xml:386 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -577,17 +607,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:370 +#: sssd.conf.5.xml:395 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:375 +#: sssd.conf.5.xml:400 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:378 +#: sssd.conf.5.xml:403 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -595,19 +625,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:385 sssd.conf.5.xml:401 sssd.conf.5.xml:415 -#: sssd.conf.5.xml:632 sssd.conf.5.xml:792 sssd.conf.5.xml:1068 -#: sssd-ldap.5.xml:1212 +#: sssd.conf.5.xml:410 sssd.conf.5.xml:426 sssd.conf.5.xml:458 +#: sssd.conf.5.xml:675 sssd.conf.5.xml:835 sssd.conf.5.xml:1111 +#: sssd-ldap.5.xml:1172 msgid "Default: 60" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:415 sssd.conf.5.xml:1100 msgid "force_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:393 sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1103 msgid "" "If a service is not responding to ping checks (see the <quote>timeout</" "quote> option), it is first sent the SIGTERM signal that instructs it to " @@ -617,53 +647,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 +#: sssd.conf.5.xml:431 msgid "offline_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:409 +#: sssd.conf.5.xml:434 +msgid "" +"When SSSD switches to offline mode the amount of time before it tries to go " +"back online will increase based upon the time spent disconnected. This " +"value is in seconds and calculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:441 +msgid "offline_timeout + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:444 +msgid "" +"The random offset can increment up to 30 seconds. After each unsuccessful " +"attempt to go online, the new interval is recalculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:449 +msgid "new_interval = old_interval*2 + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:452 msgid "" -"If SSSD is in offline mode, and last attempt to go online was less than " -"number of seconds specified in this option ago, new requests for data will " -"not result in attempt to go online." +"Note that the maximum length of each interval is currently limited to one " +"hour. If the calculated length of new_interval is greater than an hour, it " +"will be forced to one hour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:467 msgid "NSS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:426 +#: sssd.conf.5.xml:469 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:431 +#: sssd.conf.5.xml:474 msgid "enum_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:434 +#: sssd.conf.5.xml:477 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:481 msgid "Default: 120" msgstr "По умолчанию: 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:443 +#: sssd.conf.5.xml:486 msgid "entry_cache_nowait_percentage (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:446 +#: sssd.conf.5.xml:489 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -671,7 +726,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:452 +#: sssd.conf.5.xml:495 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -681,7 +736,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:462 +#: sssd.conf.5.xml:505 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -690,17 +745,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:470 +#: sssd.conf.5.xml:513 msgid "Default: 50" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:518 msgid "entry_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:478 +#: sssd.conf.5.xml:521 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -708,17 +763,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:484 sssd.conf.5.xml:851 +#: sssd.conf.5.xml:527 sssd.conf.5.xml:894 msgid "Default: 15" msgstr "По умолчанию: 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:489 +#: sssd.conf.5.xml:532 msgid "filter_users, filter_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:492 +#: sssd.conf.5.xml:535 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set per-" @@ -727,41 +782,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:499 +#: sssd.conf.5.xml:542 msgid "Default: root" msgstr "По умолчанию: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:504 +#: sssd.conf.5.xml:547 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:507 +#: sssd.conf.5.xml:550 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:561 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:521 +#: sssd.conf.5.xml:564 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:569 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:532 +#: sssd.conf.5.xml:575 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -769,22 +824,22 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:530 include/override_homedir.xml:51 +#: sssd.conf.5.xml:573 include/override_homedir.xml:51 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:579 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:542 +#: sssd.conf.5.xml:585 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:545 +#: sssd.conf.5.xml:588 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -792,186 +847,186 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 +#: sssd.conf.5.xml:594 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:557 +#: sssd.conf.5.xml:600 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:560 +#: sssd.conf.5.xml:603 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:563 +#: sssd.conf.5.xml:606 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:567 +#: sssd.conf.5.xml:610 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:572 +#: sssd.conf.5.xml:615 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:577 +#: sssd.conf.5.xml:620 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:580 +#: sssd.conf.5.xml:623 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:627 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:589 +#: sssd.conf.5.xml:632 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:592 +#: sssd.conf.5.xml:635 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:597 +#: sssd.conf.5.xml:640 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:643 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:604 +#: sssd.conf.5.xml:647 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:652 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:655 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:618 +#: sssd.conf.5.xml:661 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:625 sssd.conf.5.xml:785 +#: sssd.conf.5.xml:668 sssd.conf.5.xml:828 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 sssd.conf.5.xml:788 +#: sssd.conf.5.xml:671 sssd.conf.5.xml:831 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:637 +#: sssd.conf.5.xml:680 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:640 +#: sssd.conf.5.xml:683 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 sssd-ldap.5.xml:702 +#: sssd.conf.5.xml:687 sssd-ldap.5.xml:692 msgid "Default: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:651 +#: sssd.conf.5.xml:694 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:653 +#: sssd.conf.5.xml:696 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:701 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:704 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 sssd.conf.5.xml:679 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:722 msgid "Default: 0 (No limit)" msgstr "По умолчанию: 0 (неограничено)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:672 +#: sssd.conf.5.xml:715 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:675 +#: sssd.conf.5.xml:718 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:685 +#: sssd.conf.5.xml:728 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:688 +#: sssd.conf.5.xml:731 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:693 +#: sssd.conf.5.xml:736 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -979,59 +1034,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 sssd.conf.5.xml:752 +#: sssd.conf.5.xml:742 sssd.conf.5.xml:795 msgid "Default: 5" msgstr "По умолчанию: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:705 +#: sssd.conf.5.xml:748 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:751 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:713 +#: sssd.conf.5.xml:756 msgid "Currently sssd supports the following values:" msgstr "В настоящее время sssd поддерживает следующие значения:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:716 +#: sssd.conf.5.xml:759 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:719 +#: sssd.conf.5.xml:762 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:723 +#: sssd.conf.5.xml:766 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:769 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:730 sssd.8.xml:63 +#: sssd.conf.5.xml:773 sssd.8.xml:63 msgid "Default: 1" msgstr "По умолчанию: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:735 +#: sssd.conf.5.xml:778 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:738 +#: sssd.conf.5.xml:781 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1039,7 +1094,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:744 +#: sssd.conf.5.xml:787 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1048,17 +1103,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:758 +#: sssd.conf.5.xml:801 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:761 sssd.conf.5.xml:1235 +#: sssd.conf.5.xml:804 sssd.conf.5.xml:1292 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:807 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1066,31 +1121,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 sssd.conf.5.xml:1238 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1295 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:818 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 sssd.8.xml:79 +#: sssd.conf.5.xml:823 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:800 +#: sssd.conf.5.xml:843 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:845 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1101,34 +1156,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:862 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:822 +#: sssd.conf.5.xml:865 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:878 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:880 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:884 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:887 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1136,51 +1191,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:903 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:862 +#: sssd.conf.5.xml:905 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:866 +#: sssd.conf.5.xml:909 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:869 +#: sssd.conf.5.xml:912 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:921 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:881 +#: sssd.conf.5.xml:924 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:928 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:893 +#: sssd.conf.5.xml:936 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:938 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1192,7 +1247,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:904 +#: sssd.conf.5.xml:947 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1203,24 +1258,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:955 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:961 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:922 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:965 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:968 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1228,12 +1283,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:974 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:978 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1242,24 +1297,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:949 +#: sssd.conf.5.xml:992 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:999 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:1002 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 +#: sssd.conf.5.xml:1007 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1268,47 +1323,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1014 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:1018 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:981 +#: sssd.conf.5.xml:1024 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:984 +#: sssd.conf.5.xml:1027 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:988 +#: sssd.conf.5.xml:1031 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 +#: sssd.conf.5.xml:1034 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 sssd.conf.5.xml:1212 sssd.conf.5.xml:1321 -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1037 sssd.conf.5.xml:1269 sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1395 msgid "Default: FALSE" msgstr "По умолчанию: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1040 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1320,14 +1375,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1053 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1015 +#: sssd.conf.5.xml:1058 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1336,39 +1391,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1023 +#: sssd.conf.5.xml:1066 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1074 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1081 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1082 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1085 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1086 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1077 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -1377,24 +1432,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd-ldap.5.xml:1765 +#: sssd.conf.5.xml:1094 sssd-ldap.5.xml:1725 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1117 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1077 +#: sssd.conf.5.xml:1120 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1124 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -1405,137 +1460,150 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1094 +#: sssd.conf.5.xml:1137 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1100 +#: sssd.conf.5.xml:1143 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1103 +#: sssd.conf.5.xml:1146 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 sssd.conf.5.xml:1120 sssd.conf.5.xml:1133 -#: sssd.conf.5.xml:1146 sssd.conf.5.xml:1159 sssd.conf.5.xml:1173 +#: sssd.conf.5.xml:1150 sssd.conf.5.xml:1163 sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1202 sssd.conf.5.xml:1216 +#: sssd.conf.5.xml:1230 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1156 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1116 +#: sssd.conf.5.xml:1159 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1169 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1172 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1182 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1142 +#: sssd.conf.5.xml:1185 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1195 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1198 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1208 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1211 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1222 +msgid "entry_cache_ssh_host_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1225 +msgid "" +"How many seconds to keep a host ssh key after refresh. IE how long to cache " +"the host key for." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1236 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1239 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1187 +#: sssd.conf.5.xml:1244 msgid "Currently only refreshing expired netgroups is supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1248 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1195 sssd-ipa.5.xml:221 +#: sssd.conf.5.xml:1252 sssd-ipa.5.xml:221 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1201 +#: sssd.conf.5.xml:1258 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1261 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1208 +#: sssd.conf.5.xml:1265 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1217 +#: sssd.conf.5.xml:1274 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1220 +#: sssd.conf.5.xml:1277 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1544,17 +1612,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1284 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1232 +#: sssd.conf.5.xml:1289 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1243 +#: sssd.conf.5.xml:1300 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1563,33 +1631,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1307 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1256 +#: sssd.conf.5.xml:1313 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1259 +#: sssd.conf.5.xml:1316 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1320 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:1441 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 +#: sssd.conf.5.xml:1327 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1597,8 +1665,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 sssd.conf.5.xml:1364 sssd.conf.5.xml:1415 -#: sssd.conf.5.xml:1468 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1421 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1529 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1607,8 +1675,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1373 sssd.conf.5.xml:1424 -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1344 sssd.conf.5.xml:1430 sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1538 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1616,19 +1684,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1355 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1301 +#: sssd.conf.5.xml:1358 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1363 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1637,7 +1705,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1371 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -1645,17 +1713,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1326 +#: sssd.conf.5.xml:1383 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1329 +#: sssd.conf.5.xml:1386 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1332 +#: sssd.conf.5.xml:1389 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -1663,19 +1731,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1343 +#: sssd.conf.5.xml:1400 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1346 +#: sssd.conf.5.xml:1403 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1469 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1683,7 +1751,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1414 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1691,30 +1759,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1438 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1445 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1387 +#: sssd.conf.5.xml:1448 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1393 +#: sssd.conf.5.xml:1454 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1396 +#: sssd.conf.5.xml:1457 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1722,19 +1790,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1463 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1466 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1493 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1743,24 +1811,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1439 +#: sssd.conf.5.xml:1500 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1444 +#: sssd.conf.5.xml:1505 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1508 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1452 +#: sssd.conf.5.xml:1513 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1768,7 +1836,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1521 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1776,35 +1844,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1546 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1550 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1553 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1560 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1563 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1506 +#: sssd.conf.5.xml:1567 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1812,32 +1880,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1514 +#: sssd.conf.5.xml:1575 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1579 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1522 +#: sssd.conf.5.xml:1583 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1525 sssd.conf.5.xml:1594 sssd.conf.5.xml:1626 -#: sssd.conf.5.xml:1651 +#: sssd.conf.5.xml:1586 sssd.conf.5.xml:1655 sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1712 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1590 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -1848,12 +1916,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1607 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1610 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -1861,7 +1929,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1555 +#: sssd.conf.5.xml:1616 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1869,31 +1937,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1624 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1566 +#: sssd.conf.5.xml:1627 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1633 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1636 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1581 +#: sssd.conf.5.xml:1642 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1901,23 +1969,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1651 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 +#: sssd.conf.5.xml:1662 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 +#: sssd.conf.5.xml:1665 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1669 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1925,7 +1993,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1615 +#: sssd.conf.5.xml:1676 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1933,24 +2001,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 +#: sssd.conf.5.xml:1684 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1694 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1697 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1640 +#: sssd.conf.5.xml:1701 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1958,12 +2026,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1709 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 +#: sssd.conf.5.xml:1722 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -1973,7 +2041,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1731 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -1982,29 +2050,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1736 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1739 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1681 +#: sssd.conf.5.xml:1742 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1745 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1750 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -2012,7 +2080,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1695 +#: sssd.conf.5.xml:1756 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -2020,66 +2088,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1763 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1749 +#: sssd.conf.5.xml:1810 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "По умолчанию: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1816 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1819 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1762 +#: sssd.conf.5.xml:1823 msgid "Supported values:" msgstr "Поддерживаемые значения:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1826 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1829 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1832 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1835 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1838 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1844 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1847 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -2087,62 +2155,95 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1792 sssd-ldap.5.xml:1196 sssd-ldap.5.xml:1238 -#: sssd-ldap.5.xml:1253 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1853 sssd-ldap.5.xml:1156 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1213 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1859 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1801 +#: sssd.conf.5.xml:1862 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1866 msgid "Default: Use the domain part of machine's hostname" msgstr "По умолчанию: использовать доменное имя из hostname" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1811 +#: sssd.conf.5.xml:1872 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1875 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1820 -msgid "case_sensitive (boolean)" +#: sssd.conf.5.xml:1881 +msgid "case_sensitive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1889 +msgid "True" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1892 +msgid "Case sensitive. This value is invalid for AD provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1898 +msgid "False" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1900 +msgid "Case insensitive." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1904 +msgid "Preserving" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1907 +msgid "" +"Same as False (case insensitive), but does not lowercase names in the output " +"of getpwnam and getgrnam." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1884 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." +"not supported in the local provider. Possible option values are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1828 sssd-ldap.5.xml:1020 sssd-ad.5.xml:397 -msgid "Default: True" +#: sssd.conf.5.xml:1916 +msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1922 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 +#: sssd.conf.5.xml:1925 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -2151,22 +2252,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1851 +#: sssd.conf.5.xml:1939 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1950 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1951 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1854 +#: sssd.conf.5.xml:1942 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -2176,29 +2277,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1956 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1960 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1877 +#: sssd.conf.5.xml:1965 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1880 +#: sssd.conf.5.xml:1968 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:994 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2206,29 +2307,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1893 +#: sssd.conf.5.xml:1981 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1896 +#: sssd.conf.5.xml:1984 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1899 +#: sssd.conf.5.xml:1987 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1995 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1998 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2236,19 +2337,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1977 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1922 +#: sssd.conf.5.xml:2010 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:2012 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2256,73 +2357,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1931 +#: sssd.conf.5.xml:2019 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:2022 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1938 +#: sssd.conf.5.xml:2026 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1943 +#: sssd.conf.5.xml:2031 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2034 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:2039 msgid "Default: <filename>/home</filename>" msgstr "По умолчанию: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1956 +#: sssd.conf.5.xml:2044 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2047 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1963 sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2051 sssd.conf.5.xml:2063 msgid "Default: TRUE" msgstr "По умолчанию: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1968 +#: sssd.conf.5.xml:2056 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:2059 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1980 +#: sssd.conf.5.xml:2068 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1983 +#: sssd.conf.5.xml:2071 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2330,17 +2431,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:2079 msgid "Default: 077" msgstr "По умолчанию: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:2084 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1999 +#: sssd.conf.5.xml:2087 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2349,17 +2450,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2009 +#: sssd.conf.5.xml:2097 msgid "Default: <filename>/etc/skel</filename>" msgstr "По умолчанию: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2102 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2105 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2367,17 +2468,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2112 msgid "Default: <filename>/var/mail</filename>" msgstr "По умолчанию: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2117 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2032 +#: sssd.conf.5.xml:2120 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2385,18 +2486,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2126 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2048 sssd-ldap.5.xml:2489 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:552 sssd-ad.5.xml:447 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:2136 sssd-ldap.5.xml:2476 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:552 sssd-ad.5.xml:792 sssd-krb5.5.xml:519 +#: sss_rpcidmapd.5.xml:98 msgid "EXAMPLE" msgstr "ПРИМЕР" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2142 #, no-wrap msgid "" "[sssd]\n" @@ -2426,7 +2528,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2050 +#: sssd.conf.5.xml:2138 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2572,7 +2674,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:645 sssd-ad.5.xml:212 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:632 sssd-ad.5.xml:212 msgid "Examples:" msgstr "" @@ -2772,7 +2874,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:830 msgid "Default: gidNumber" msgstr "" @@ -2823,60 +2925,45 @@ msgstr "По умолчанию: loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:341 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:344 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:866 sssd-ldap.5.xml:1103 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:354 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:344 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:880 +#: sssd-ldap.5.xml:349 sssd-ldap.5.xml:857 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:369 +#: sssd-ldap.5.xml:356 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:890 sssd-ldap.5.xml:1112 +#: sssd-ldap.5.xml:359 sssd-ldap.5.xml:867 sssd-ldap.5.xml:1072 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:894 sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:363 sssd-ldap.5.xml:871 sssd-ldap.5.xml:1079 msgid "Default: modifyTimestamp" msgstr "По умолчанию: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:382 +#: sssd-ldap.5.xml:369 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:385 +#: sssd-ldap.5.xml:372 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2885,17 +2972,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:382 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:401 +#: sssd-ldap.5.xml:388 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:391 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2904,17 +2991,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:413 +#: sssd-ldap.5.xml:400 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:419 +#: sssd-ldap.5.xml:406 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:422 +#: sssd-ldap.5.xml:409 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2923,17 +3010,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 +#: sssd-ldap.5.xml:418 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 +#: sssd-ldap.5.xml:424 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 +#: sssd-ldap.5.xml:427 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2942,17 +3029,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 +#: sssd-ldap.5.xml:437 msgid "Default: shadowWarning" msgstr "По умолчанию: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 +#: sssd-ldap.5.xml:443 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 +#: sssd-ldap.5.xml:446 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2961,17 +3048,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:469 +#: sssd-ldap.5.xml:456 msgid "Default: shadowInactive" msgstr "По умолчанию: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:475 +#: sssd-ldap.5.xml:462 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:478 +#: sssd-ldap.5.xml:465 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -2980,17 +3067,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:488 +#: sssd-ldap.5.xml:475 msgid "Default: shadowExpire" msgstr "По умолчанию: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:494 +#: sssd-ldap.5.xml:481 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:497 +#: sssd-ldap.5.xml:484 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -2998,155 +3085,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 +#: sssd-ldap.5.xml:490 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:509 +#: sssd-ldap.5.xml:496 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:512 +#: sssd-ldap.5.xml:499 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:518 +#: sssd-ldap.5.xml:505 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:524 +#: sssd-ldap.5.xml:511 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:519 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:538 +#: sssd-ldap.5.xml:525 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:528 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:546 +#: sssd-ldap.5.xml:533 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:552 +#: sssd-ldap.5.xml:539 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:542 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:547 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:553 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:556 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:573 sssd-ldap.5.xml:587 +#: sssd-ldap.5.xml:560 sssd-ldap.5.xml:574 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:579 +#: sssd-ldap.5.xml:566 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:582 +#: sssd-ldap.5.xml:569 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:593 +#: sssd-ldap.5.xml:580 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:583 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:601 +#: sssd-ldap.5.xml:588 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:607 +#: sssd-ldap.5.xml:594 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:597 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:614 +#: sssd-ldap.5.xml:601 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:620 +#: sssd-ldap.5.xml:607 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:623 +#: sssd-ldap.5.xml:610 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:628 +#: sssd-ldap.5.xml:615 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -3156,7 +3243,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:625 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -3164,46 +3251,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 +#: sssd-ldap.5.xml:635 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:638 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:642 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:645 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:655 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:671 +#: sssd-ldap.5.xml:658 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:662 +#, fuzzy +#| msgid "Default: false" +msgid "Default: sshPublicKey" +msgstr "По умолчанию: false" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:668 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:671 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -3212,24 +3306,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:694 +#: sssd-ldap.5.xml:684 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 +#: sssd-ldap.5.xml:687 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:698 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 +#: sssd-ldap.5.xml:701 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -3237,53 +3331,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:707 msgid "Setting this option to zero will disable the cache cleanup operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:721 -msgid "Default: 10800 (12 hours)" -msgstr "" +#: sssd-ldap.5.xml:711 +#, fuzzy +#| msgid "Default: 10" +msgid "Default: 10800 (3 hours)" +msgstr "По умолчанию: 10" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:727 +#: sssd-ldap.5.xml:717 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:730 +#: sssd-ldap.5.xml:720 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 sssd-ldap.5.xml:827 sssd-ldap.5.xml:1053 -#: sssd-ldap.5.xml:1144 sssd-ldap.5.xml:2084 sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:724 sssd-ldap.5.xml:817 sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1104 sssd-ldap.5.xml:2071 sssd-ldap.5.xml:2410 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:730 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:743 +#: sssd-ldap.5.xml:733 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:737 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:753 +#: sssd-ldap.5.xml:743 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:756 +#: sssd-ldap.5.xml:746 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -3291,14 +3387,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:763 +#: sssd-ldap.5.xml:753 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:758 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -3306,17 +3402,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:765 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:771 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:784 +#: sssd-ldap.5.xml:774 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -3324,14 +3420,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:790 +#: sssd-ldap.5.xml:780 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:785 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -3339,101 +3435,91 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:802 +#: sssd-ldap.5.xml:792 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:798 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 +#: sssd-ldap.5.xml:801 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:804 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:810 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:823 +#: sssd-ldap.5.xml:813 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:823 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:826 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:846 +#: sssd-ldap.5.xml:836 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:849 +#: sssd-ldap.5.xml:839 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:843 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:872 +#: sssd-ldap.5.xml:849 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:875 +#: sssd-ldap.5.xml:852 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:864 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:877 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:880 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:885 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -3441,17 +3527,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:914 +#: sssd-ldap.5.xml:891 msgid "Default: groupType in the AD provider, othewise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:921 +#: sssd-ldap.5.xml:898 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:924 +#: sssd-ldap.5.xml:901 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -3459,7 +3545,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:908 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -3469,7 +3555,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:940 +#: sssd-ldap.5.xml:917 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later it " @@ -3478,17 +3564,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:947 +#: sssd-ldap.5.xml:924 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:930 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:933 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3496,14 +3582,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:939 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 sssd-ldap.5.xml:994 +#: sssd-ldap.5.xml:944 sssd-ldap.5.xml:971 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3511,7 +3597,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:950 sssd-ldap.5.xml:977 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -3520,18 +3606,18 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 sssd-ldap.5.xml:1006 sssd-ldap.5.xml:1311 -#: sssd-ldap.5.xml:1332 sssd-ldap.5.xml:1838 include/ldap_id_mapping.xml:242 +#: sssd-ldap.5.xml:956 sssd-ldap.5.xml:983 sssd-ldap.5.xml:1271 +#: sssd-ldap.5.xml:1292 sssd-ldap.5.xml:1798 include/ldap_id_mapping.xml:242 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:985 +#: sssd-ldap.5.xml:962 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:988 +#: sssd-ldap.5.xml:965 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3539,184 +3625,173 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:989 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1015 +#: sssd-ldap.5.xml:992 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:997 sssd-ad.5.xml:742 sss_rpcidmapd.5.xml:76 +msgid "Default: True" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1003 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1006 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1009 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1013 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1019 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1045 +#: sssd-ldap.5.xml:1022 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1049 +#: sssd-ldap.5.xml:1026 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1059 +#: sssd-ldap.5.xml:1036 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1039 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 +#: sssd-ldap.5.xml:1043 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1047 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1053 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1056 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1116 +#: sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1076 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1086 +#: sssd-ldap.5.xml:1063 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1092 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1095 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1099 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1109 +#: sssd-ldap.5.xml:1069 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1088 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1091 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1097 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1100 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1110 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1113 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1117 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1123 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1166 +#: sssd-ldap.5.xml:1126 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1130 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1176 +#: sssd-ldap.5.xml:1136 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1141 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -3724,7 +3799,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1190 +#: sssd-ldap.5.xml:1150 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -3732,12 +3807,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1162 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1205 +#: sssd-ldap.5.xml:1165 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -3745,12 +3820,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1178 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1181 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -3761,12 +3836,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1204 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:1207 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -3774,12 +3849,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1219 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1262 +#: sssd-ldap.5.xml:1222 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -3788,34 +3863,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:1230 sssd-ldap.5.xml:2228 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1236 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1239 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1244 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1250 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1293 +#: sssd-ldap.5.xml:1253 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -3823,14 +3898,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1259 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1265 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -3838,17 +3913,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1277 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1280 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1323 +#: sssd-ldap.5.xml:1283 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -3858,12 +3933,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1298 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1301 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -3871,17 +3946,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1307 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1314 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1317 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -3889,13 +3964,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1323 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1327 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -3904,7 +3979,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1335 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -3912,26 +3987,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1348 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 +#: sssd-ldap.5.xml:1351 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1397 +#: sssd-ldap.5.xml:1357 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1361 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3939,7 +4014,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1368 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3947,7 +4022,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1374 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -3955,41 +4030,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1380 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1424 +#: sssd-ldap.5.xml:1384 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1390 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1393 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1438 sssd-ldap.5.xml:1456 sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1398 sssd-ldap.5.xml:1416 sssd-ldap.5.xml:1457 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1445 +#: sssd-ldap.5.xml:1405 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1408 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -3998,32 +4073,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1463 +#: sssd-ldap.5.xml:1423 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1466 +#: sssd-ldap.5.xml:1426 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1436 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1439 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1448 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1451 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -4031,24 +4106,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1504 +#: sssd-ldap.5.xml:1464 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1477 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1480 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -4056,17 +4131,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1486 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1496 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1499 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -4077,29 +4152,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1511 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1517 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1530 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1533 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -4108,17 +4183,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1541 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1547 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1590 +#: sssd-ldap.5.xml:1550 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -4126,49 +4201,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1556 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1562 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1565 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1570 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1576 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1619 +#: sssd-ldap.5.xml:1579 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1622 +#: sssd-ldap.5.xml:1582 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1628 +#: sssd-ldap.5.xml:1588 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1631 +#: sssd-ldap.5.xml:1591 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -4176,27 +4251,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1643 +#: sssd-ldap.5.xml:1603 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1606 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 sssd-ad.5.xml:383 +#: sssd-ldap.5.xml:1610 sssd-ad.5.xml:728 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 +#: sssd-ldap.5.xml:1619 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4208,7 +4283,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1671 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1631 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4216,7 +4291,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1636 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4224,39 +4299,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1645 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1688 +#: sssd-ldap.5.xml:1648 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1651 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1697 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1657 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1660 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1712 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1672 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1715 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1675 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4266,7 +4341,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1726 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1686 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4274,26 +4349,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1740 +#: sssd-ldap.5.xml:1700 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1703 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1708 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1753 +#: sssd-ldap.5.xml:1713 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4301,7 +4376,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1759 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4309,31 +4384,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1768 +#: sssd-ldap.5.xml:1728 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1736 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1739 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1743 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1788 +#: sssd-ldap.5.xml:1748 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4342,56 +4417,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1762 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 +#: sssd-ldap.5.xml:1765 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1809 +#: sssd-ldap.5.xml:1769 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1775 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1778 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1823 +#: sssd-ldap.5.xml:1783 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1789 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1792 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1804 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1847 +#: sssd-ldap.5.xml:1807 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4407,12 +4482,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1867 +#: sssd-ldap.5.xml:1827 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1870 +#: sssd-ldap.5.xml:1830 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4421,14 +4496,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1874 +#: sssd-ldap.5.xml:1834 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1839 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4437,24 +4512,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1887 sssd-ldap.5.xml:1944 +#: sssd-ldap.5.xml:1847 sssd-ldap.5.xml:1904 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1853 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1856 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:1860 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4462,19 +4537,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1907 +#: sssd-ldap.5.xml:1867 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1910 +#: sssd-ldap.5.xml:1870 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1875 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4483,7 +4558,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1922 +#: sssd-ldap.5.xml:1882 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4491,7 +4566,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1928 +#: sssd-ldap.5.xml:1888 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4500,7 +4575,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1897 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -4508,108 +4583,140 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1910 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1953 +#: sssd-ldap.5.xml:1913 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1917 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:1920 +msgid "" +"<emphasis>lockout</emphasis>: use account locking. If set, this option " +"denies access in case that ldap attribute 'pwdAccountLockedTime' is present " +"and has value of '000001010000Z'. Please see the option ldap_pwdlockout_dn." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1927 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1931 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1969 +#: sssd-ldap.5.xml:1936 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:1940 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1943 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1983 +#: sssd-ldap.5.xml:1950 +msgid "ldap_pwdlockout_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1953 +msgid "" +"This option specifies the DN of password policy entry on LDAP server. Please " +"note that absence of this option in sssd.conf in case of enabled account " +"lockout checking will yield access denied as ppolicy attributes on LDAP " +"server cannot be checked properly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1961 +msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1964 +msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1970 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:1973 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:1978 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:1982 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:1987 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2005 +#: sssd-ldap.5.xml:1992 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2010 +#: sssd-ldap.5.xml:1997 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2018 +#: sssd-ldap.5.xml:2005 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2008 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2012 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -4620,7 +4727,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2036 +#: sssd-ldap.5.xml:2023 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -4638,12 +4745,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2052 +#: sssd-ldap.5.xml:2039 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2054 +#: sssd-ldap.5.xml:2041 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -4651,208 +4758,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2052 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2055 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2071 +#: sssd-ldap.5.xml:2058 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2064 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2067 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2090 +#: sssd-ldap.5.xml:2077 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2080 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2097 +#: sssd-ldap.5.xml:2084 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2103 +#: sssd-ldap.5.xml:2090 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2093 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2111 +#: sssd-ldap.5.xml:2098 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2117 +#: sssd-ldap.5.xml:2104 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2120 +#: sssd-ldap.5.xml:2107 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2111 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2130 +#: sssd-ldap.5.xml:2117 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2133 +#: sssd-ldap.5.xml:2120 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2137 +#: sssd-ldap.5.xml:2124 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2143 +#: sssd-ldap.5.xml:2130 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2146 +#: sssd-ldap.5.xml:2133 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2150 +#: sssd-ldap.5.xml:2137 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2143 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2146 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2150 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2156 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2159 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2176 +#: sssd-ldap.5.xml:2163 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2182 +#: sssd-ldap.5.xml:2169 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2172 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2177 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2183 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2199 +#: sssd-ldap.5.xml:2186 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2203 +#: sssd-ldap.5.xml:2190 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:2196 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2199 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2204 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2209 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2215 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2218 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4860,101 +4967,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2237 +#: sssd-ldap.5.xml:2224 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2234 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2237 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2248 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2264 +#: sssd-ldap.5.xml:2251 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2256 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2315 -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2261 sssd-ldap.5.xml:2284 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2320 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2279 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2266 sssd-ldap.5.xml:2289 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2272 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2288 +#: sssd-ldap.5.xml:2275 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2293 +#: sssd-ldap.5.xml:2280 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2295 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2311 +#: sssd-ldap.5.xml:2298 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2326 +#: sssd-ldap.5.xml:2313 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2316 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2345 +#: sssd-ldap.5.xml:2332 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4963,91 +5070,91 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2342 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2344 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2350 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2366 +#: sssd-ldap.5.xml:2353 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2369 +#: sssd-ldap.5.xml:2356 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2376 +#: sssd-ldap.5.xml:2363 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2379 sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2392 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2369 sssd-ldap.5.xml:2396 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2376 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2379 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2382 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2402 +#: sssd-ldap.5.xml:2389 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2416 +#: sssd-ldap.5.xml:2403 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2419 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:2406 sssd-ldap.5.xml:2420 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2430 +#: sssd-ldap.5.xml:2417 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2437 +#: sssd-ldap.5.xml:2424 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2348 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -5056,37 +5163,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2434 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2441 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2459 +#: sssd-ldap.5.xml:2446 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2451 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2469 +#: sssd-ldap.5.xml:2456 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2461 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2449 +#: sssd-ldap.5.xml:2436 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -5094,7 +5201,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2491 +#: sssd-ldap.5.xml:2478 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -5102,7 +5209,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2484 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -5115,20 +5222,20 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2496 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 -#: sssd-ad.5.xml:455 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2483 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 +#: sssd-ad.5.xml:800 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2509 sssd_krb5_locator_plugin.8.xml:61 -#: sssd-simple.5.xml:148 sssd-ad.5.xml:470 sssd.8.xml:191 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2496 sssd_krb5_locator_plugin.8.xml:61 +#: sssd-simple.5.xml:148 sssd-ad.5.xml:815 sssd.8.xml:195 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2498 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5610,7 +5717,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:320 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:665 msgid "dyndns_update (boolean)" msgstr "" @@ -5625,7 +5732,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:334 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:679 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -5640,12 +5747,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:345 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:690 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:348 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:693 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -5666,12 +5773,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:359 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:704 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:362 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:707 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -5713,12 +5820,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:373 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:718 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:376 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:721 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -5726,12 +5833,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:389 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:734 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:392 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:737 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -5750,19 +5857,19 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:403 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:748 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:406 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:751 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:410 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:755 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -5856,7 +5963,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:359 sssd-ad.5.xml:776 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -5943,7 +6050,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 sssd-ad.5.xml:330 msgid "Default: 5 (seconds)" msgstr "" @@ -6397,9 +6504,378 @@ msgstr "" msgid "Default: permissive" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:320 +msgid "ad_gpo_cache_timeout (integer)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:323 msgid "" +"The amount of time between lookups of GPO policy files against the AD " +"server. This will reduce the latency and load on the AD server if there are " +"many access-control requests made in a short period." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:336 +msgid "ad_gpo_map_interactive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:339 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the InteractiveLogonRight and " +"DenyInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:354 +#, no-wrap +msgid "" +" ad_gpo_map_interactive = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:345 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>login</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:358 sssd-ad.5.xml:423 sssd-ad.5.xml:458 sssd-ad.5.xml:498 +#: sssd-ad.5.xml:559 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:362 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:367 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:372 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:377 +msgid "gdm-fingerprint" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:382 +#, fuzzy +#| msgid "password" +msgid "gdm-password" +msgstr "пароль" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:387 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:392 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:401 +msgid "ad_gpo_map_remote_interactive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:404 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the RemoteInteractiveLogonRight and " +"DenyRemoteInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:419 +#, no-wrap +msgid "" +" ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:410 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>sshd</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:427 +msgid "sshd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:436 +msgid "ad_gpo_map_network (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:439 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the NetworkLogonRight and " +"DenyNetworkLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:454 +#, no-wrap +msgid "" +" ad_gpo_map_network = +my_pam_service, -ftp\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>ftp</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:462 +msgid "ftp" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:467 +msgid "samba" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:476 +msgid "ad_gpo_map_batch (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:479 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " +"policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:494 +#, no-wrap +msgid "" +" ad_gpo_map_batch = +my_pam_service, -crond\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:485 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>crond</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:502 +msgid "crond" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:511 +msgid "ad_gpo_map_service (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:514 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the ServiceLogonRight and " +"DenyServiceLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:528 +#, no-wrap +msgid "" +" ad_gpo_map_service = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:520 sssd-ad.5.xml:585 +msgid "" +"It is possible to add a PAM service name to the default set by using <quote>" +"+service_name</quote>. Since the default set is empty, it is not possible " +"to remove a PAM service name from the default set. For example, in order to " +"add a custom pam service name (e.g. <quote>my_pam_service</quote>), you " +"would use the following configuration: <placeholder type=\"programlisting\" " +"id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:538 +msgid "ad_gpo_map_permit (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:541 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always granted, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:555 +#, no-wrap +msgid "" +" ad_gpo_map_permit = +my_pam_service, -sudo\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:546 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for unconditionally permitted " +"access (e.g. <quote>sudo</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:563 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:568 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:577 +msgid "ad_gpo_map_deny (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:580 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always denied, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:593 +#, no-wrap +msgid "" +" ad_gpo_map_deny = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:603 +msgid "ad_gpo_default_right (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:606 +msgid "" +"This option defines how access control is evaluated for PAM service names " +"that are not explicitly listed in one of the ad_gpo_map_* options. This " +"option can be set in two different manners. First, this option can be set to " +"use a default logon right. For example, if this option is set to " +"'interactive', it means that unmapped PAM service names will be processed " +"based on the InteractiveLogonRight and DenyInteractiveLogonRight policy " +"settings. Alternatively, this option can be set to either always permit or " +"always deny access for unmapped PAM service names." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:619 +msgid "Supported values for this option include:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:623 +msgid "interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:628 +msgid "remote_interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:633 +msgid "network" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:638 +msgid "batch" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:643 +#, fuzzy +#| msgid "services" +msgid "service" +msgstr "службы" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:648 +msgid "permit" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:653 +msgid "deny" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:659 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: deny" +msgstr "По умолчанию: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:668 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -6409,29 +6885,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:353 +#: sssd-ad.5.xml:698 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:712 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:419 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:764 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:422 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:767 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:449 +#: sssd-ad.5.xml:794 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6439,7 +6915,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:456 +#: sssd-ad.5.xml:801 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -6454,7 +6930,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:476 +#: sssd-ad.5.xml:821 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6463,7 +6939,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:817 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -6471,10 +6947,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:482 +#: sssd-ad.5.xml:827 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " -"configured, the default access provider is <quote>permit</quote>." +"configured, the default access provider is <quote>permit</quote>. Please " +"note that if you configure an access provider other than <quote>ad</quote>, " +"you need to set all the connection parameters (such as LDAP URIs and " +"encryption details) manually." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> @@ -6850,24 +7329,27 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." +"Tells the SSSD to simulate offline operation for the duration of the " +"<quote>offline_timeout</quote> parameter. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 +#: sssd.8.xml:182 msgid "SIGUSR2" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 +#: sssd.8.xml:185 msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." +"Tells the SSSD to go online immediately. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 +#: sssd.8.xml:197 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -8035,12 +8517,36 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:162 msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"<option>-h</option>,<option>--ssh-host</option> <replaceable>hostname</" "replaceable>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:167 +msgid "Invalidate SSH public keys of a specific host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:173 +msgid "<option>-H</option>,<option>--ssh-hosts</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:177 +msgid "" +"Invalidate SSH public keys of all hosts. This option overrides invalidation " +"of SSH public keys of specific host if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:185 +msgid "" +"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:190 msgid "Restrict invalidation process only to a particular domain." msgstr "" @@ -8337,6 +8843,147 @@ msgstr "" msgid "Default: not set. Only the default set of POSIX attributes is allowed." msgstr "" +#. type: Content of: <reference><refentry><refentryinfo> +#: sss_rpcidmapd.5.xml:8 +msgid "" +"<productname>sss rpc.idmapd plugin</productname> <author> <firstname>Noam</" +"firstname> <surname>Meltzer</surname> <affiliation> <orgname>Primary Data " +"Inc.</orgname> </affiliation> <contrib>Developer (2013-2014)</contrib> </" +"author> <author> <firstname>Noam</firstname> <surname>Meltzer</surname> " +"<contrib>Developer (2014-)</contrib> <email>tsnoam@gmail.com</email> </" +"author>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_rpcidmapd.5.xml:26 sss_rpcidmapd.5.xml:32 +msgid "sss_rpcidmapd" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_rpcidmapd.5.xml:33 +msgid "sss plugin configuration directives for rpc.idmapd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:37 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "CONFIGURATION FILE" +msgstr "ПАРАМЕТРЫ КОНФИГУРАЦИИ" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:39 +msgid "" +"rpc.idmapd configuration file is usually found at <emphasis>/etc/idmapd." +"conf</emphasis>. See <citerefentry> <refentrytitle>idmapd.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more information." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:49 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "SSS CONFIGURATION EXTENSION" +msgstr "ПАРАМЕТРЫ КОНФИГУРАЦИИ" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:51 +msgid "Enable SSS plugin" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:53 +msgid "" +"In section <quote>[Translation]</quote>, modify/set <quote>Method</quote> " +"attribute to contain <emphasis>sss</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:59 +msgid "[sss] config section" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:61 +msgid "" +"In order to change the default of one of the configuration attributes of the " +"<emphasis>sss</emphasis> plugin listed below you will need to create a " +"config section for it, named <quote>[sss]</quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> +#: sss_rpcidmapd.5.xml:67 +msgid "Configuration attributes" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sss_rpcidmapd.5.xml:69 +msgid "memcache (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sss_rpcidmapd.5.xml:72 +msgid "Indicates whether or not to use memcache optimisation technique." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:85 +msgid "SSSD INTEGRATION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:87 +msgid "" +"The sss plugin requires the <emphasis>NSS Responder</emphasis> to be enabled " +"in sssd." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:91 +msgid "" +"The attribute <quote>use_fully_qualified_names</quote> must be enabled on " +"all domains (NFSv4 clients expect a fully qualified name to be sent on the " +"wire)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_rpcidmapd.5.xml:103 +#, no-wrap +msgid "" +"[General]\n" +"Verbosity = 2\n" +"# domain must be synced between NFSv4 server and clients\n" +"# Solaris/Illumos/AIX use \"localdomain\" as default!\n" +"Domain = default\n" +"\n" +"[Mapping]\n" +"Nobody-User = nfsnobody\n" +"Nobody-Group = nfsnobody\n" +"\n" +"[Translation]\n" +"Method = sss\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:100 +msgid "" +"The following example shows a minimal idmapd.conf which makes use of the sss " +"plugin. <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <refsect1><title> +#: sss_rpcidmapd.5.xml:120 include/seealso.xml:2 +msgid "SEE ALSO" +msgstr "СМ. ТАКЖЕ" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:122 +msgid "" +"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>idmapd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>" +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 msgid "sss_ssh_authorizedkeys" @@ -9167,11 +9814,6 @@ msgid "" "local LDB storage to store users and groups." msgstr "" -#. type: Content of: <refsect1><title> -#: include/seealso.xml:2 -msgid "SEE ALSO" -msgstr "СМ. ТАКЖЕ" - #. type: Content of: <refsect1><para> #: include/seealso.xml:4 msgid "" @@ -9212,7 +9854,9 @@ msgid "" "manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> " "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>. <citerefentry> " +"<refentrytitle>sss_rpcidmapd</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>" msgstr "" #. type: Content of: <listitem><para> diff --git a/src/man/po/sssd-docs.pot b/src/man/po/sssd-docs.pot index df0456df1..f9ebf6c9e 100644 --- a/src/man/po/sssd-docs.pot +++ b/src/man/po/sssd-docs.pot @@ -6,9 +6,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.11.92\n" +"Project-Id-Version: sssd-docs 1.12.1\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2014-07-09 19:18+0300\n" +"POT-Creation-Date: 2014-09-08 20:55+0300\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <LL@li.org>\n" @@ -18,7 +18,7 @@ msgstr "" "Content-Transfer-Encoding: 8bit\n" #. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 sssd-ad.5.xml:5 sssd-sudo.5.xml:5 sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5 sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_ssh_authorizedkeys.1.xml:5 sss_ssh_knownhostsproxy.1.xml:5 +#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 sssd-ad.5.xml:5 sssd-sudo.5.xml:5 sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5 sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_rpcidmapd.5.xml:5 sss_ssh_authorizedkeys.1.xml:5 sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" msgstr "" @@ -98,12 +98,12 @@ msgid "sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11 sssd-ifp.5.xml:11 +#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11 sssd-ifp.5.xml:11 sss_rpcidmapd.5.xml:27 msgid "5" msgstr "" #. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12 sssd-ifp.5.xml:12 +#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12 sssd-ifp.5.xml:12 sss_rpcidmapd.5.xml:28 msgid "File Formats and Conventions" msgstr "" @@ -197,7 +197,7 @@ msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:79 sssd.conf.5.xml:511 sssd.conf.5.xml:873 sssd-ldap.5.xml:1637 sssd-ldap.5.xml:1734 sssd-ldap.5.xml:1796 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2320 sssd-ldap.5.xml:2338 sssd-ipa.5.xml:356 sssd-ipa.5.xml:391 sssd-ad.5.xml:166 sssd-ad.5.xml:250 sssd-ad.5.xml:339 sssd-ad.5.xml:428 sssd-krb5.5.xml:490 +#: sssd.conf.5.xml:79 sssd.conf.5.xml:554 sssd.conf.5.xml:916 sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1756 sssd-ldap.5.xml:2242 sssd-ldap.5.xml:2307 sssd-ldap.5.xml:2325 sssd-ipa.5.xml:356 sssd-ipa.5.xml:391 sssd-ad.5.xml:166 sssd-ad.5.xml:250 sssd-ad.5.xml:684 sssd-ad.5.xml:773 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "" @@ -212,12 +212,12 @@ msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:90 sssd.conf.5.xml:827 sssd.conf.5.xml:1845 sssd-ldap.5.xml:688 sssd-ldap.5.xml:1511 sssd-ldap.5.xml:1530 sssd-ldap.5.xml:1706 sssd-ldap.5.xml:2042 sssd-ipa.5.xml:139 sssd-ipa.5.xml:205 sssd-ipa.5.xml:503 sssd-krb5.5.xml:257 sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 +#: sssd.conf.5.xml:90 sssd.conf.5.xml:870 sssd.conf.5.xml:1933 sssd-ldap.5.xml:678 sssd-ldap.5.xml:1471 sssd-ldap.5.xml:1490 sssd-ldap.5.xml:1666 sssd-ldap.5.xml:2029 sssd-ipa.5.xml:139 sssd-ipa.5.xml:205 sssd-ipa.5.xml:503 sssd-krb5.5.xml:257 sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2063 +#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2050 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" @@ -239,7 +239,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1382 +#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1342 msgid "Default: 10" msgstr "" @@ -254,7 +254,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:2017 msgid "Section parameters" msgstr "" @@ -291,19 +291,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:161 sssd.conf.5.xml:345 +#: sssd.conf.5.xml:161 sssd.conf.5.xml:370 msgid "reconnection_retries (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:164 sssd.conf.5.xml:348 +#: sssd.conf.5.xml:164 sssd.conf.5.xml:373 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:353 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:378 msgid "Default: 3" msgstr "" @@ -323,7 +323,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 sssd.conf.5.xml:1658 +#: sssd.conf.5.xml:189 sssd.conf.5.xml:1719 msgid "re_expression (string)" msgstr "" @@ -343,12 +343,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:206 sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:206 sssd.conf.5.xml:1770 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:209 sssd.conf.5.xml:1773 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> " "<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes " @@ -357,39 +357,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:220 sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:220 sssd.conf.5.xml:1784 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:221 sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:221 sssd.conf.5.xml:1785 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:224 sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:224 sssd.conf.5.xml:1788 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:227 sssd.conf.5.xml:1730 +#: sssd.conf.5.xml:227 sssd.conf.5.xml:1791 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:233 sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:233 sssd.conf.5.xml:1797 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:236 sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:236 sssd.conf.5.xml:1800 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:217 sssd.conf.5.xml:1781 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -487,10 +487,39 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:319 sssd-ldap.5.xml:662 sssd-ldap.5.xml:1470 sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1564 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214 +#: sssd.conf.5.xml:319 sssd-ldap.5.xml:649 sssd-ldap.5.xml:1430 sssd-ldap.5.xml:1442 sssd-ldap.5.xml:1524 sssd-ad.5.xml:532 sssd-ad.5.xml:597 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214 msgid "Default: not set" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:324 +msgid "override_space (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:327 +msgid "" +"This parameter will replace spaces (space bar) with the given character for " +"user and group names. e.g. (_). User name "john doe" will be " +""john_doe" This feature was added to help compatibility with shell " +"scripts that have difficulty handling spaces, due to the default field " +"separator in the shell." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:336 +msgid "" +"Please note it is a configuration error to use a replacement character that " +"might be used in user or group names. If a name contains the replacement " +"character SSSD tries to return the unmodified name but in general the result " +"of a lookup is undefined." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:344 +msgid "Default: not set (spaces will not be replaced)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:126 msgid "" @@ -503,12 +532,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:355 msgid "SERVICES SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:332 +#: sssd.conf.5.xml:357 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -517,22 +546,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:364 msgid "General service configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:341 +#: sssd.conf.5.xml:366 msgid "These options can be used to configure any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:383 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:361 +#: sssd.conf.5.xml:386 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -542,17 +571,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:370 +#: sssd.conf.5.xml:395 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:375 +#: sssd.conf.5.xml:400 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:378 +#: sssd.conf.5.xml:403 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -560,17 +589,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:385 sssd.conf.5.xml:401 sssd.conf.5.xml:415 sssd.conf.5.xml:632 sssd.conf.5.xml:792 sssd.conf.5.xml:1068 sssd-ldap.5.xml:1212 +#: sssd.conf.5.xml:410 sssd.conf.5.xml:426 sssd.conf.5.xml:458 sssd.conf.5.xml:675 sssd.conf.5.xml:835 sssd.conf.5.xml:1111 sssd-ldap.5.xml:1172 msgid "Default: 60" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:415 sssd.conf.5.xml:1100 msgid "force_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:393 sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1103 msgid "" "If a service is not responding to ping checks (see the " "<quote>timeout</quote> option), it is first sent the SIGTERM signal that " @@ -580,54 +609,79 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 +#: sssd.conf.5.xml:431 msgid "offline_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:409 +#: sssd.conf.5.xml:434 +msgid "" +"When SSSD switches to offline mode the amount of time before it tries to go " +"back online will increase based upon the time spent disconnected. This " +"value is in seconds and calculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:441 +msgid "offline_timeout + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:444 +msgid "" +"The random offset can increment up to 30 seconds. After each unsuccessful " +"attempt to go online, the new interval is recalculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:449 +msgid "new_interval = old_interval*2 + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:452 msgid "" -"If SSSD is in offline mode, and last attempt to go online was less than " -"number of seconds specified in this option ago, new requests for data will " -"not result in attempt to go online." +"Note that the maximum length of each interval is currently limited to one " +"hour. If the calculated length of new_interval is greater than an hour, it " +"will be forced to one hour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:467 msgid "NSS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:426 +#: sssd.conf.5.xml:469 msgid "" "These options can be used to configure the Name Service Switch (NSS) " "service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:431 +#: sssd.conf.5.xml:474 msgid "enum_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:434 +#: sssd.conf.5.xml:477 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:481 msgid "Default: 120" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:443 +#: sssd.conf.5.xml:486 msgid "entry_cache_nowait_percentage (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:446 +#: sssd.conf.5.xml:489 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -635,7 +689,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:452 +#: sssd.conf.5.xml:495 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -645,7 +699,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:462 +#: sssd.conf.5.xml:505 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -654,17 +708,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:470 +#: sssd.conf.5.xml:513 msgid "Default: 50" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:518 msgid "entry_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:478 +#: sssd.conf.5.xml:521 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -672,17 +726,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:484 sssd.conf.5.xml:851 +#: sssd.conf.5.xml:527 sssd.conf.5.xml:894 msgid "Default: 15" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:489 +#: sssd.conf.5.xml:532 msgid "filter_users, filter_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:492 +#: sssd.conf.5.xml:535 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set " @@ -691,39 +745,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:499 +#: sssd.conf.5.xml:542 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:504 +#: sssd.conf.5.xml:547 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:507 +#: sssd.conf.5.xml:550 msgid "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:561 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:521 +#: sssd.conf.5.xml:564 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:569 msgid "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:532 +#: sssd.conf.5.xml:575 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -731,22 +785,22 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:530 include/override_homedir.xml:51 +#: sssd.conf.5.xml:573 include/override_homedir.xml:51 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:579 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:542 +#: sssd.conf.5.xml:585 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:545 +#: sssd.conf.5.xml:588 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -754,90 +808,90 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 +#: sssd.conf.5.xml:594 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:557 +#: sssd.conf.5.xml:600 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:560 +#: sssd.conf.5.xml:603 msgid "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:563 +#: sssd.conf.5.xml:606 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:567 +#: sssd.conf.5.xml:610 msgid "" "2. If the shell is in the allowed_shells list but not in " "<quote>/etc/shells</quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:572 +#: sssd.conf.5.xml:615 msgid "" "3. If the shell is not in the allowed_shells list and not in " "<quote>/etc/shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:577 +#: sssd.conf.5.xml:620 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:580 +#: sssd.conf.5.xml:623 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:627 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:589 +#: sssd.conf.5.xml:632 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:592 +#: sssd.conf.5.xml:635 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:597 +#: sssd.conf.5.xml:640 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:643 msgid "" "The default shell to use if an allowed shell is not installed on the " "machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:604 +#: sssd.conf.5.xml:647 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:652 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:655 msgid "" "The default shell to use if the provider does not return one during " "lookup. This option can be specified globally in the [nss] section or " @@ -845,96 +899,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:618 +#: sssd.conf.5.xml:661 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:625 sssd.conf.5.xml:785 +#: sssd.conf.5.xml:668 sssd.conf.5.xml:828 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 sssd.conf.5.xml:788 +#: sssd.conf.5.xml:671 sssd.conf.5.xml:831 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:637 +#: sssd.conf.5.xml:680 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:640 +#: sssd.conf.5.xml:683 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 sssd-ldap.5.xml:702 +#: sssd.conf.5.xml:687 sssd-ldap.5.xml:692 msgid "Default: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:651 +#: sssd.conf.5.xml:694 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:653 +#: sssd.conf.5.xml:696 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:701 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:704 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 sssd.conf.5.xml:679 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:722 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:672 +#: sssd.conf.5.xml:715 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:675 +#: sssd.conf.5.xml:718 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:685 +#: sssd.conf.5.xml:728 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:688 +#: sssd.conf.5.xml:731 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:693 +#: sssd.conf.5.xml:736 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -942,59 +996,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 sssd.conf.5.xml:752 +#: sssd.conf.5.xml:742 sssd.conf.5.xml:795 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:705 +#: sssd.conf.5.xml:748 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:751 msgid "" "Controls what kind of messages are shown to the user during " "authentication. The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:713 +#: sssd.conf.5.xml:756 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:716 +#: sssd.conf.5.xml:759 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:719 +#: sssd.conf.5.xml:762 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:723 +#: sssd.conf.5.xml:766 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:769 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:730 sssd.8.xml:63 +#: sssd.conf.5.xml:773 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:735 +#: sssd.conf.5.xml:778 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:738 +#: sssd.conf.5.xml:781 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1002,7 +1056,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:744 +#: sssd.conf.5.xml:787 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a " @@ -1012,17 +1066,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:758 +#: sssd.conf.5.xml:801 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:761 sssd.conf.5.xml:1235 +#: sssd.conf.5.xml:804 sssd.conf.5.xml:1292 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:807 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1030,7 +1084,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 sssd.conf.5.xml:1238 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1295 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be " @@ -1038,24 +1092,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:818 msgid "" "This setting can be overridden by setting " "<emphasis>pwd_expiration_warning</emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 sssd.8.xml:79 +#: sssd.conf.5.xml:823 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:800 +#: sssd.conf.5.xml:843 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:845 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> " @@ -1067,34 +1121,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:862 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:822 +#: sssd.conf.5.xml:865 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:878 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:880 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:884 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:887 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1102,51 +1156,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:903 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:862 +#: sssd.conf.5.xml:905 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:866 +#: sssd.conf.5.xml:909 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:869 +#: sssd.conf.5.xml:912 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:921 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:881 +#: sssd.conf.5.xml:924 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:928 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:893 +#: sssd.conf.5.xml:936 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:938 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1158,7 +1212,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:904 +#: sssd.conf.5.xml:947 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1169,24 +1223,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:955 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:961 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:922 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:965 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:968 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1194,12 +1248,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:974 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:978 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1208,24 +1262,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:949 +#: sssd.conf.5.xml:992 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:999 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:1002 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 +#: sssd.conf.5.xml:1007 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For " @@ -1234,46 +1288,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1014 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:1018 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:981 +#: sssd.conf.5.xml:1024 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:984 +#: sssd.conf.5.xml:1027 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:988 +#: sssd.conf.5.xml:1031 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 +#: sssd.conf.5.xml:1034 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 sssd.conf.5.xml:1212 sssd.conf.5.xml:1321 sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1037 sssd.conf.5.xml:1269 sssd.conf.5.xml:1378 sssd.conf.5.xml:1395 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1040 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1285,14 +1339,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1053 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1015 +#: sssd.conf.5.xml:1058 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1301,39 +1355,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1023 +#: sssd.conf.5.xml:1066 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1074 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1081 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1082 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1085 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1086 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1077 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -1342,24 +1396,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd-ldap.5.xml:1765 +#: sssd.conf.5.xml:1094 sssd-ldap.5.xml:1725 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1117 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1077 +#: sssd.conf.5.xml:1120 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1124 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -1370,136 +1424,148 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1094 +#: sssd.conf.5.xml:1137 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1100 +#: sssd.conf.5.xml:1143 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1103 +#: sssd.conf.5.xml:1146 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 sssd.conf.5.xml:1120 sssd.conf.5.xml:1133 sssd.conf.5.xml:1146 sssd.conf.5.xml:1159 sssd.conf.5.xml:1173 +#: sssd.conf.5.xml:1150 sssd.conf.5.xml:1163 sssd.conf.5.xml:1176 sssd.conf.5.xml:1189 sssd.conf.5.xml:1202 sssd.conf.5.xml:1216 sssd.conf.5.xml:1230 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1156 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1116 +#: sssd.conf.5.xml:1159 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1169 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1172 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1182 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1142 +#: sssd.conf.5.xml:1185 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1195 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1198 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1208 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1211 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1222 +msgid "entry_cache_ssh_host_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1225 +msgid "" +"How many seconds to keep a host ssh key after refresh. IE how long to cache " +"the host key for." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1236 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1239 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1187 +#: sssd.conf.5.xml:1244 msgid "Currently only refreshing expired netgroups is supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1248 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1195 sssd-ipa.5.xml:221 +#: sssd.conf.5.xml:1252 sssd-ipa.5.xml:221 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1201 +#: sssd.conf.5.xml:1258 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1261 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1208 +#: sssd.conf.5.xml:1265 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1217 +#: sssd.conf.5.xml:1274 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1220 +#: sssd.conf.5.xml:1277 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1508,17 +1574,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1284 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1232 +#: sssd.conf.5.xml:1289 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1243 +#: sssd.conf.5.xml:1300 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1527,34 +1593,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1307 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1256 +#: sssd.conf.5.xml:1313 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1259 +#: sssd.conf.5.xml:1316 msgid "" "The identification provider used for the domain. Supported ID providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1320 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:1441 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 +#: sssd.conf.5.xml:1327 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -1562,7 +1628,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 sssd.conf.5.xml:1364 sssd.conf.5.xml:1415 sssd.conf.5.xml:1468 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1421 sssd.conf.5.xml:1476 sssd.conf.5.xml:1529 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1571,7 +1637,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1373 sssd.conf.5.xml:1424 sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1344 sssd.conf.5.xml:1430 sssd.conf.5.xml:1485 sssd.conf.5.xml:1538 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> " @@ -1579,19 +1645,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1355 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1301 +#: sssd.conf.5.xml:1358 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1363 msgid "" "If set to TRUE, all requests to this domain must use fully qualified " "names. For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1600,7 +1666,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1371 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -1608,17 +1674,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1326 +#: sssd.conf.5.xml:1383 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1329 +#: sssd.conf.5.xml:1386 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1332 +#: sssd.conf.5.xml:1389 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -1626,19 +1692,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1343 +#: sssd.conf.5.xml:1400 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1346 +#: sssd.conf.5.xml:1403 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1469 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -1646,7 +1712,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1414 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " @@ -1654,29 +1720,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1438 msgid "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1445 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1387 +#: sssd.conf.5.xml:1448 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1393 +#: sssd.conf.5.xml:1454 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1396 +#: sssd.conf.5.xml:1457 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1684,19 +1750,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1463 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1466 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1493 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> " @@ -1705,24 +1771,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1439 +#: sssd.conf.5.xml:1500 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1444 +#: sssd.conf.5.xml:1505 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1508 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1452 +#: sssd.conf.5.xml:1513 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " @@ -1731,7 +1797,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1521 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " @@ -1739,34 +1805,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1546 msgid "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1550 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1553 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1560 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1563 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1506 +#: sssd.conf.5.xml:1567 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -1774,31 +1840,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1514 +#: sssd.conf.5.xml:1575 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1579 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1522 +#: sssd.conf.5.xml:1583 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1525 sssd.conf.5.xml:1594 sssd.conf.5.xml:1626 sssd.conf.5.xml:1651 +#: sssd.conf.5.xml:1586 sssd.conf.5.xml:1655 sssd.conf.5.xml:1687 sssd.conf.5.xml:1712 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1590 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -1809,12 +1875,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1607 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1610 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -1822,7 +1888,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1555 +#: sssd.conf.5.xml:1616 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1831,31 +1897,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1624 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1566 +#: sssd.conf.5.xml:1627 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1633 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1636 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1581 +#: sssd.conf.5.xml:1642 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1864,22 +1930,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1651 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 +#: sssd.conf.5.xml:1662 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 +#: sssd.conf.5.xml:1665 msgid "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1669 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -1887,7 +1953,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1615 +#: sssd.conf.5.xml:1676 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> " @@ -1895,24 +1961,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 +#: sssd.conf.5.xml:1684 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1694 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1697 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1640 +#: sssd.conf.5.xml:1701 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1921,12 +1987,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1709 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 +#: sssd.conf.5.xml:1722 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -1936,7 +2002,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1731 msgid "" "Default for the AD and IPA provider: " "<quote>(((?P<domain>[^\\\\]+)\\\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?P<name>[^@\\\\]+)$))</quote> " @@ -1944,29 +2010,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1736 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1739 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1681 +#: sssd.conf.5.xml:1742 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1745 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1750 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -1974,7 +2040,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1695 +#: sssd.conf.5.xml:1756 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -1982,66 +2048,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1763 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax " "(?P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1749 +#: sssd.conf.5.xml:1810 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1816 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1819 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1762 +#: sssd.conf.5.xml:1823 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1826 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1829 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1832 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1835 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1838 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1844 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1847 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -2049,61 +2115,94 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1792 sssd-ldap.5.xml:1196 sssd-ldap.5.xml:1238 sssd-ldap.5.xml:1253 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1853 sssd-ldap.5.xml:1156 sssd-ldap.5.xml:1198 sssd-ldap.5.xml:1213 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1859 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1801 +#: sssd.conf.5.xml:1862 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1866 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1811 +#: sssd.conf.5.xml:1872 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1875 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1820 -msgid "case_sensitive (boolean)" +#: sssd.conf.5.xml:1881 +msgid "case_sensitive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1889 +msgid "True" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1892 +msgid "Case sensitive. This value is invalid for AD provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1898 +msgid "False" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1900 +msgid "Case insensitive." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1904 +msgid "Preserving" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1907 +msgid "" +"Same as False (case insensitive), but does not lowercase names in the output " +"of getpwnam and getgrnam." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1884 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." +"not supported in the local provider. Possible option values are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1828 sssd-ldap.5.xml:1020 sssd-ad.5.xml:397 -msgid "Default: True" +#: sssd.conf.5.xml:1916 +msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1922 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 +#: sssd.conf.5.xml:1925 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -2112,22 +2211,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1851 +#: sssd.conf.5.xml:1939 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1950 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1951 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1854 +#: sssd.conf.5.xml:1942 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -2137,27 +2236,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1956 msgid "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1960 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1877 +#: sssd.conf.5.xml:1965 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1880 +#: sssd.conf.5.xml:1968 msgid "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:994 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called " @@ -2166,29 +2265,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1893 +#: sssd.conf.5.xml:1981 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1896 +#: sssd.conf.5.xml:1984 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1899 +#: sssd.conf.5.xml:1987 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1995 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1998 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2196,19 +2295,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1977 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1922 +#: sssd.conf.5.xml:2010 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:2012 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2216,73 +2315,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1931 +#: sssd.conf.5.xml:2019 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:2022 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1938 +#: sssd.conf.5.xml:2026 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1943 +#: sssd.conf.5.xml:2031 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2034 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:2039 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1956 +#: sssd.conf.5.xml:2044 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2047 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1963 sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2051 sssd.conf.5.xml:2063 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1968 +#: sssd.conf.5.xml:2056 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:2059 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1980 +#: sssd.conf.5.xml:2068 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1983 +#: sssd.conf.5.xml:2071 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2290,17 +2389,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:2079 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:2084 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1999 +#: sssd.conf.5.xml:2087 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2309,17 +2408,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2009 +#: sssd.conf.5.xml:2097 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2102 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2105 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2327,17 +2426,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2112 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2117 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2032 +#: sssd.conf.5.xml:2120 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2345,17 +2444,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2126 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2048 sssd-ldap.5.xml:2489 sssd-simple.5.xml:131 sssd-ipa.5.xml:552 sssd-ad.5.xml:447 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:2136 sssd-ldap.5.xml:2476 sssd-simple.5.xml:131 sssd-ipa.5.xml:552 sssd-ad.5.xml:792 sssd-krb5.5.xml:519 sss_rpcidmapd.5.xml:98 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2142 #, no-wrap msgid "" "[sssd]\n" @@ -2385,7 +2484,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2050 +#: sssd.conf.5.xml:2138 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2531,7 +2630,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:645 sssd-ad.5.xml:212 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:632 sssd-ad.5.xml:212 msgid "Examples:" msgstr "" @@ -2731,7 +2830,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:830 msgid "Default: gidNumber" msgstr "" @@ -2782,60 +2881,45 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:341 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:344 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:866 sssd-ldap.5.xml:1103 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:354 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:344 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:880 +#: sssd-ldap.5.xml:349 sssd-ldap.5.xml:857 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:369 +#: sssd-ldap.5.xml:356 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:890 sssd-ldap.5.xml:1112 +#: sssd-ldap.5.xml:359 sssd-ldap.5.xml:867 sssd-ldap.5.xml:1072 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:894 sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:363 sssd-ldap.5.xml:871 sssd-ldap.5.xml:1079 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:382 +#: sssd-ldap.5.xml:369 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:385 +#: sssd-ldap.5.xml:372 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> " @@ -2844,17 +2928,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:382 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:401 +#: sssd-ldap.5.xml:388 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:391 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> " @@ -2863,17 +2947,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:413 +#: sssd-ldap.5.xml:400 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:419 +#: sssd-ldap.5.xml:406 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:422 +#: sssd-ldap.5.xml:409 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> " @@ -2882,17 +2966,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 +#: sssd-ldap.5.xml:418 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 +#: sssd-ldap.5.xml:424 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 +#: sssd-ldap.5.xml:427 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> " @@ -2901,17 +2985,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 +#: sssd-ldap.5.xml:437 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 +#: sssd-ldap.5.xml:443 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 +#: sssd-ldap.5.xml:446 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> " @@ -2920,17 +3004,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:469 +#: sssd-ldap.5.xml:456 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:475 +#: sssd-ldap.5.xml:462 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:478 +#: sssd-ldap.5.xml:465 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -2940,17 +3024,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:488 +#: sssd-ldap.5.xml:475 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:494 +#: sssd-ldap.5.xml:481 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:497 +#: sssd-ldap.5.xml:484 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -2958,155 +3042,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 +#: sssd-ldap.5.xml:490 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:509 +#: sssd-ldap.5.xml:496 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:512 +#: sssd-ldap.5.xml:499 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:518 +#: sssd-ldap.5.xml:505 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:524 +#: sssd-ldap.5.xml:511 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:519 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:538 +#: sssd-ldap.5.xml:525 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:528 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:546 +#: sssd-ldap.5.xml:533 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:552 +#: sssd-ldap.5.xml:539 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:542 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:547 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:553 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:556 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:573 sssd-ldap.5.xml:587 +#: sssd-ldap.5.xml:560 sssd-ldap.5.xml:574 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:579 +#: sssd-ldap.5.xml:566 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:582 +#: sssd-ldap.5.xml:569 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:593 +#: sssd-ldap.5.xml:580 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:583 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:601 +#: sssd-ldap.5.xml:588 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:607 +#: sssd-ldap.5.xml:594 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:597 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:614 +#: sssd-ldap.5.xml:601 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:620 +#: sssd-ldap.5.xml:607 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:623 +#: sssd-ldap.5.xml:610 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:628 +#: sssd-ldap.5.xml:615 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -3117,7 +3201,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:625 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -3125,46 +3209,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 +#: sssd-ldap.5.xml:635 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:638 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:642 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:645 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>phone</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:655 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:671 +#: sssd-ldap.5.xml:658 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:662 +msgid "Default: sshPublicKey" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:668 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:671 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -3173,24 +3262,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:694 +#: sssd-ldap.5.xml:684 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 +#: sssd-ldap.5.xml:687 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:698 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 +#: sssd-ldap.5.xml:701 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -3198,52 +3287,52 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:707 msgid "Setting this option to zero will disable the cache cleanup operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:721 -msgid "Default: 10800 (12 hours)" +#: sssd-ldap.5.xml:711 +msgid "Default: 10800 (3 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:727 +#: sssd-ldap.5.xml:717 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:730 +#: sssd-ldap.5.xml:720 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 sssd-ldap.5.xml:827 sssd-ldap.5.xml:1053 sssd-ldap.5.xml:1144 sssd-ldap.5.xml:2084 sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:724 sssd-ldap.5.xml:817 sssd-ldap.5.xml:1030 sssd-ldap.5.xml:1104 sssd-ldap.5.xml:2071 sssd-ldap.5.xml:2410 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:730 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:743 +#: sssd-ldap.5.xml:733 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:737 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:753 +#: sssd-ldap.5.xml:743 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:756 +#: sssd-ldap.5.xml:746 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -3251,14 +3340,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:763 +#: sssd-ldap.5.xml:753 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:758 msgid "" "Please note that the ldap_access_order configuration option " "<emphasis>must</emphasis> include <quote>authorized_service</quote> in order " @@ -3266,17 +3355,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:765 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:771 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:784 +#: sssd-ldap.5.xml:774 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -3284,14 +3373,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:790 +#: sssd-ldap.5.xml:780 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:785 msgid "" "Please note that the ldap_access_order configuration option " "<emphasis>must</emphasis> include <quote>host</quote> in order for the " @@ -3299,101 +3388,91 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:802 +#: sssd-ldap.5.xml:792 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:798 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 +#: sssd-ldap.5.xml:801 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:804 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:810 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:823 +#: sssd-ldap.5.xml:813 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:823 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:826 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:846 +#: sssd-ldap.5.xml:836 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:849 +#: sssd-ldap.5.xml:839 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:843 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:872 +#: sssd-ldap.5.xml:849 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:875 +#: sssd-ldap.5.xml:852 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:864 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:877 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:880 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:885 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -3401,17 +3480,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:914 +#: sssd-ldap.5.xml:891 msgid "Default: groupType in the AD provider, othewise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:921 +#: sssd-ldap.5.xml:898 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:924 +#: sssd-ldap.5.xml:901 msgid "" "If ldap_schema is set to a schema format that supports nested groups " "(e.g. RFC2307bis), then this option controls how many levels of nesting SSSD " @@ -3419,7 +3498,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:908 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -3429,7 +3508,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:940 +#: sssd-ldap.5.xml:917 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later it " @@ -3438,17 +3517,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:947 +#: sssd-ldap.5.xml:924 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:930 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:933 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3456,14 +3535,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:939 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 sssd-ldap.5.xml:994 +#: sssd-ldap.5.xml:944 sssd-ldap.5.xml:971 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3471,7 +3550,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:950 sssd-ldap.5.xml:977 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink " @@ -3480,17 +3559,17 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 sssd-ldap.5.xml:1006 sssd-ldap.5.xml:1311 sssd-ldap.5.xml:1332 sssd-ldap.5.xml:1838 include/ldap_id_mapping.xml:242 +#: sssd-ldap.5.xml:956 sssd-ldap.5.xml:983 sssd-ldap.5.xml:1271 sssd-ldap.5.xml:1292 sssd-ldap.5.xml:1798 include/ldap_id_mapping.xml:242 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:985 +#: sssd-ldap.5.xml:962 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:988 +#: sssd-ldap.5.xml:965 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3498,181 +3577,171 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:989 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1015 +#: sssd-ldap.5.xml:992 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:997 sssd-ad.5.xml:742 sss_rpcidmapd.5.xml:76 +msgid "Default: True" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1003 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1006 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1009 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1013 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1019 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1045 +#: sssd-ldap.5.xml:1022 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1049 +#: sssd-ldap.5.xml:1026 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1059 +#: sssd-ldap.5.xml:1036 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1039 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 +#: sssd-ldap.5.xml:1043 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1047 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1053 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1056 msgid "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1116 +#: sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1076 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1086 +#: sssd-ldap.5.xml:1063 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1092 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1095 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1099 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1109 +#: sssd-ldap.5.xml:1069 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1088 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1091 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1097 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1100 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1110 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1113 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1117 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1123 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1166 +#: sssd-ldap.5.xml:1126 msgid "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1130 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1176 +#: sssd-ldap.5.xml:1136 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1141 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -3680,7 +3749,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1190 +#: sssd-ldap.5.xml:1150 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -3688,12 +3757,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1162 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1205 +#: sssd-ldap.5.xml:1165 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -3701,12 +3770,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1178 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1181 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> " @@ -3717,12 +3786,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1204 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:1207 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -3730,12 +3799,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1219 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1262 +#: sssd-ldap.5.xml:1222 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -3744,34 +3813,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:1230 sssd-ldap.5.xml:2228 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1236 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1239 msgid "" "Specify the number of records to retrieve from LDAP in a single " "request. Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1244 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1250 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1293 +#: sssd-ldap.5.xml:1253 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -3779,7 +3848,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1259 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use " @@ -3787,7 +3856,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1265 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -3795,17 +3864,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1277 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1280 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1323 +#: sssd-ldap.5.xml:1283 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -3815,12 +3884,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1298 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1301 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -3828,17 +3897,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1307 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1314 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1317 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -3846,12 +3915,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1323 msgid "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1327 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -3860,7 +3929,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1335 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -3868,26 +3937,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1348 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 +#: sssd-ldap.5.xml:1351 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1397 +#: sssd-ldap.5.xml:1357 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1361 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3895,7 +3964,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1368 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3903,7 +3972,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1374 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -3911,41 +3980,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1380 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1424 +#: sssd-ldap.5.xml:1384 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1390 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1393 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1438 sssd-ldap.5.xml:1456 sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1398 sssd-ldap.5.xml:1416 sssd-ldap.5.xml:1457 msgid "" "Default: use OpenLDAP defaults, typically in " "<filename>/etc/openldap/ldap.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1445 +#: sssd-ldap.5.xml:1405 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1408 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -3954,32 +4023,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1463 +#: sssd-ldap.5.xml:1423 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1466 +#: sssd-ldap.5.xml:1426 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1436 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1439 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1448 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1451 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -3987,24 +4056,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1504 +#: sssd-ldap.5.xml:1464 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies that the id_provider connection must also use <systemitem " "class=\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1477 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1480 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -4012,17 +4081,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1486 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1496 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1499 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -4033,29 +4102,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1511 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1517 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1530 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1533 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -4065,17 +4134,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1541 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1547 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1590 +#: sssd-ldap.5.xml:1550 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -4083,49 +4152,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1556 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1562 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1565 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1570 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1576 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1619 +#: sssd-ldap.5.xml:1579 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1622 +#: sssd-ldap.5.xml:1582 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1628 +#: sssd-ldap.5.xml:1588 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1631 +#: sssd-ldap.5.xml:1591 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -4133,27 +4202,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1643 +#: sssd-ldap.5.xml:1603 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1606 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 sssd-ad.5.xml:383 +#: sssd-ldap.5.xml:1610 sssd-ad.5.xml:728 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 +#: sssd-ldap.5.xml:1619 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of " @@ -4165,7 +4234,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1671 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1631 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4173,7 +4242,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1636 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of " "SSSD. While the legacy name is recognized for the time being, users are " @@ -4182,39 +4251,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1645 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1688 +#: sssd-ldap.5.xml:1648 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1651 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1697 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1657 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1660 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1712 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1672 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1715 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1675 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4224,7 +4293,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1726 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1686 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> " "<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> " @@ -4233,26 +4302,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1740 +#: sssd-ldap.5.xml:1700 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1703 msgid "" "Select the policy to evaluate the password expiration on the client " "side. The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1708 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1753 +#: sssd-ldap.5.xml:1713 msgid "" "<emphasis>shadow</emphasis> - Use " "<citerefentry><refentrytitle>shadow</refentrytitle> " @@ -4261,7 +4330,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1759 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4269,31 +4338,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1768 +#: sssd-ldap.5.xml:1728 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1736 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1739 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1743 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1788 +#: sssd-ldap.5.xml:1748 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4302,56 +4371,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1762 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 +#: sssd-ldap.5.xml:1765 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1809 +#: sssd-ldap.5.xml:1769 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1775 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1778 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1823 +#: sssd-ldap.5.xml:1783 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1789 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1792 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1804 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1847 +#: sssd-ldap.5.xml:1807 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4368,12 +4437,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1867 +#: sssd-ldap.5.xml:1827 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1870 +#: sssd-ldap.5.xml:1830 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4382,14 +4451,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1874 +#: sssd-ldap.5.xml:1834 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1839 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4398,24 +4467,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1887 sssd-ldap.5.xml:1944 +#: sssd-ldap.5.xml:1847 sssd-ldap.5.xml:1904 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1853 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1856 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:1860 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4423,19 +4492,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1907 +#: sssd-ldap.5.xml:1867 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1910 +#: sssd-ldap.5.xml:1870 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1875 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4444,7 +4513,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1922 +#: sssd-ldap.5.xml:1882 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, " "<emphasis>389ds</emphasis>: use the value of ldap_ns_account_lock to check " @@ -4452,7 +4521,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1928 +#: sssd-ldap.5.xml:1888 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4461,7 +4530,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1897 msgid "" "Please note that the ldap_access_order configuration option " "<emphasis>must</emphasis> include <quote>expire</quote> in order for the " @@ -4469,108 +4538,140 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1910 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1953 +#: sssd-ldap.5.xml:1913 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1917 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:1920 +msgid "" +"<emphasis>lockout</emphasis>: use account locking. If set, this option " +"denies access in case that ldap attribute 'pwdAccountLockedTime' is present " +"and has value of '000001010000Z'. Please see the option ldap_pwdlockout_dn." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1927 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1931 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1969 +#: sssd-ldap.5.xml:1936 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:1940 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1943 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1983 +#: sssd-ldap.5.xml:1950 +msgid "ldap_pwdlockout_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1953 +msgid "" +"This option specifies the DN of password policy entry on LDAP server. Please " +"note that absence of this option in sssd.conf in case of enabled account " +"lockout checking will yield access denied as ppolicy attributes on LDAP " +"server cannot be checked properly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1961 +msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1964 +msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1970 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:1973 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:1978 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:1982 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:1987 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2005 +#: sssd-ldap.5.xml:1992 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2010 +#: sssd-ldap.5.xml:1997 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2018 +#: sssd-ldap.5.xml:2005 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2008 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2012 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -4581,7 +4682,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2036 +#: sssd-ldap.5.xml:2023 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -4599,12 +4700,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2052 +#: sssd-ldap.5.xml:2039 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2054 +#: sssd-ldap.5.xml:2041 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -4612,208 +4713,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2052 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2055 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2071 +#: sssd-ldap.5.xml:2058 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2064 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2067 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2090 +#: sssd-ldap.5.xml:2077 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2080 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2097 +#: sssd-ldap.5.xml:2084 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2103 +#: sssd-ldap.5.xml:2090 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2093 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2111 +#: sssd-ldap.5.xml:2098 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2117 +#: sssd-ldap.5.xml:2104 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2120 +#: sssd-ldap.5.xml:2107 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2111 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2130 +#: sssd-ldap.5.xml:2117 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2133 +#: sssd-ldap.5.xml:2120 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2137 +#: sssd-ldap.5.xml:2124 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2143 +#: sssd-ldap.5.xml:2130 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2146 +#: sssd-ldap.5.xml:2133 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2150 +#: sssd-ldap.5.xml:2137 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2143 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2146 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2150 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2156 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2159 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2176 +#: sssd-ldap.5.xml:2163 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2182 +#: sssd-ldap.5.xml:2169 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2172 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2177 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2183 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2199 +#: sssd-ldap.5.xml:2186 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2203 +#: sssd-ldap.5.xml:2190 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:2196 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2199 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2204 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval " "</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2209 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2215 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2218 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4821,100 +4922,100 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2237 +#: sssd-ldap.5.xml:2224 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2234 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2237 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2248 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2264 +#: sssd-ldap.5.xml:2251 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2256 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2315 sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2261 sssd-ldap.5.xml:2284 sssd-ldap.5.xml:2302 sssd-ldap.5.xml:2320 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is " "<emphasis>false</emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2279 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2266 sssd-ldap.5.xml:2289 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2272 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2288 +#: sssd-ldap.5.xml:2275 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2293 +#: sssd-ldap.5.xml:2280 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2295 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2311 +#: sssd-ldap.5.xml:2298 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2326 +#: sssd-ldap.5.xml:2313 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2316 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2345 +#: sssd-ldap.5.xml:2332 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4923,91 +5024,91 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2342 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2344 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2350 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2366 +#: sssd-ldap.5.xml:2353 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2369 +#: sssd-ldap.5.xml:2356 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2376 +#: sssd-ldap.5.xml:2363 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2379 sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2392 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2369 sssd-ldap.5.xml:2396 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2376 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2379 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2382 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2402 +#: sssd-ldap.5.xml:2389 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2416 +#: sssd-ldap.5.xml:2403 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2419 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:2406 sssd-ldap.5.xml:2420 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2430 +#: sssd-ldap.5.xml:2417 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2437 +#: sssd-ldap.5.xml:2424 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2348 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder " "type=\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" " @@ -5017,37 +5118,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2434 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2441 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2459 +#: sssd-ldap.5.xml:2446 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2451 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2469 +#: sssd-ldap.5.xml:2456 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2461 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2449 +#: sssd-ldap.5.xml:2436 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -5055,7 +5156,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2491 +#: sssd-ldap.5.xml:2478 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -5063,7 +5164,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2484 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -5076,17 +5177,17 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2496 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 sssd-ad.5.xml:455 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:2483 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 sssd-ad.5.xml:800 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2509 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 sssd-ad.5.xml:470 sssd.8.xml:191 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2496 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 sssd-ad.5.xml:815 sssd.8.xml:195 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2498 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5574,7 +5675,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:320 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:665 msgid "dyndns_update (boolean)" msgstr "" @@ -5589,7 +5690,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:334 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:679 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -5604,12 +5705,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:345 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:690 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:348 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:693 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -5630,12 +5731,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:359 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:704 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:362 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:707 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -5678,12 +5779,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:373 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:718 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:376 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:721 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -5691,12 +5792,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:389 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:734 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:392 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:737 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -5715,19 +5816,19 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:403 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:748 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:406 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:751 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:410 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:755 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -5821,7 +5922,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:359 sssd-ad.5.xml:776 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -5908,7 +6009,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 sssd-ad.5.xml:330 msgid "Default: 5 (seconds)" msgstr "" @@ -6363,9 +6464,373 @@ msgstr "" msgid "Default: permissive" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:320 +msgid "ad_gpo_cache_timeout (integer)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:323 msgid "" +"The amount of time between lookups of GPO policy files against the AD " +"server. This will reduce the latency and load on the AD server if there are " +"many access-control requests made in a short period." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:336 +msgid "ad_gpo_map_interactive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:339 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the InteractiveLogonRight and " +"DenyInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:354 +#, no-wrap +msgid "" +" ad_gpo_map_interactive = +my_pam_service, " +"-login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:345 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right " +"(e.g. <quote>login</quote>) with a custom pam service name " +"(e.g. <quote>my_pam_service</quote>), you would use the following " +"configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:358 sssd-ad.5.xml:423 sssd-ad.5.xml:458 sssd-ad.5.xml:498 sssd-ad.5.xml:559 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:362 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:367 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:372 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:377 +msgid "gdm-fingerprint" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:382 +msgid "gdm-password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:387 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:392 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:401 +msgid "ad_gpo_map_remote_interactive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:404 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the RemoteInteractiveLogonRight and " +"DenyRemoteInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:419 +#, no-wrap +msgid "" +" ad_gpo_map_remote_interactive = " +"+my_pam_service, -sshd\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:410 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right " +"(e.g. <quote>sshd</quote>) with a custom pam service name " +"(e.g. <quote>my_pam_service</quote>), you would use the following " +"configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:427 +msgid "sshd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:436 +msgid "ad_gpo_map_network (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:439 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the NetworkLogonRight and " +"DenyNetworkLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:454 +#, no-wrap +msgid "" +" ad_gpo_map_network = +my_pam_service, -ftp\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right " +"(e.g. <quote>ftp</quote>) with a custom pam service name " +"(e.g. <quote>my_pam_service</quote>), you would use the following " +"configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:462 +msgid "ftp" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:467 +msgid "samba" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:476 +msgid "ad_gpo_map_batch (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:479 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " +"policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:494 +#, no-wrap +msgid "" +" ad_gpo_map_batch = +my_pam_service, -crond\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:485 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right " +"(e.g. <quote>crond</quote>) with a custom pam service name " +"(e.g. <quote>my_pam_service</quote>), you would use the following " +"configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:502 +msgid "crond" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:511 +msgid "ad_gpo_map_service (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:514 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the ServiceLogonRight and " +"DenyServiceLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:528 +#, no-wrap +msgid "" +" ad_gpo_map_service = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:520 sssd-ad.5.xml:585 +msgid "" +"It is possible to add a PAM service name to the default set by using " +"<quote>+service_name</quote>. Since the default set is empty, it is not " +"possible to remove a PAM service name from the default set. For example, in " +"order to add a custom pam service name (e.g. <quote>my_pam_service</quote>), " +"you would use the following configuration: <placeholder " +"type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:538 +msgid "ad_gpo_map_permit (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:541 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always granted, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:555 +#, no-wrap +msgid "" +" ad_gpo_map_permit = +my_pam_service, -sudo\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:546 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for unconditionally permitted " +"access (e.g. <quote>sudo</quote>) with a custom pam service name " +"(e.g. <quote>my_pam_service</quote>), you would use the following " +"configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:563 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:568 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:577 +msgid "ad_gpo_map_deny (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:580 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always denied, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:593 +#, no-wrap +msgid "" +" ad_gpo_map_deny = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:603 +msgid "ad_gpo_default_right (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:606 +msgid "" +"This option defines how access control is evaluated for PAM service names " +"that are not explicitly listed in one of the ad_gpo_map_* options. This " +"option can be set in two different manners. First, this option can be set to " +"use a default logon right. For example, if this option is set to " +"'interactive', it means that unmapped PAM service names will be processed " +"based on the InteractiveLogonRight and DenyInteractiveLogonRight policy " +"settings. Alternatively, this option can be set to either always permit or " +"always deny access for unmapped PAM service names." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:619 +msgid "Supported values for this option include:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:623 +msgid "interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:628 +msgid "remote_interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:633 +msgid "network" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:638 +msgid "batch" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:643 +msgid "service" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:648 +msgid "permit" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:653 +msgid "deny" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:659 +msgid "Default: deny" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:668 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -6375,22 +6840,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:353 +#: sssd-ad.5.xml:698 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:712 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:419 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:764 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:422 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:767 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise " "principal. See section 5 of RFC 6806 for more details about enterprise " @@ -6398,7 +6863,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:449 +#: sssd-ad.5.xml:794 msgid "" "The following example assumes that SSSD is correctly configured and " "example.com is one of the domains in the <replaceable>[sssd]</replaceable> " @@ -6406,7 +6871,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:456 +#: sssd-ad.5.xml:801 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -6421,7 +6886,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:476 +#: sssd-ad.5.xml:821 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6430,7 +6895,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:817 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -6438,10 +6903,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:482 +#: sssd-ad.5.xml:827 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " -"configured, the default access provider is <quote>permit</quote>." +"configured, the default access provider is <quote>permit</quote>. Please " +"note that if you configure an access provider other than <quote>ad</quote>, " +"you need to set all the connection parameters (such as LDAP URIs and " +"encryption details) manually." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> @@ -6819,24 +7287,27 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." +"Tells the SSSD to simulate offline operation for the duration of the " +"<quote>offline_timeout</quote> parameter. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 +#: sssd.8.xml:182 msgid "SIGUSR2" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 +#: sssd.8.xml:185 msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." +"Tells the SSSD to go online immediately. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 +#: sssd.8.xml:197 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -8002,12 +8473,36 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:162 msgid "" +"<option>-h</option>,<option>--ssh-host</option> " +"<replaceable>hostname</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:167 +msgid "Invalidate SSH public keys of a specific host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:173 +msgid "<option>-H</option>,<option>--ssh-hosts</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:177 +msgid "" +"Invalidate SSH public keys of all hosts. This option overrides invalidation " +"of SSH public keys of specific host if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:185 +msgid "" "<option>-d</option>,<option>--domain</option> " "<replaceable>domain</replaceable>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_cache.8.xml:167 +#: sss_cache.8.xml:190 msgid "Restrict invalidation process only to a particular domain." msgstr "" @@ -8304,6 +8799,144 @@ msgstr "" msgid "Default: not set. Only the default set of POSIX attributes is allowed." msgstr "" +#. type: Content of: <reference><refentry><refentryinfo> +#: sss_rpcidmapd.5.xml:8 +msgid "" +"<productname>sss rpc.idmapd plugin</productname> <author> " +"<firstname>Noam</firstname> <surname>Meltzer</surname> <affiliation> " +"<orgname>Primary Data Inc.</orgname> </affiliation> <contrib>Developer " +"(2013-2014)</contrib> </author> <author> <firstname>Noam</firstname> " +"<surname>Meltzer</surname> <contrib>Developer (2014-)</contrib> " +"<email>tsnoam@gmail.com</email> </author>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_rpcidmapd.5.xml:26 sss_rpcidmapd.5.xml:32 +msgid "sss_rpcidmapd" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_rpcidmapd.5.xml:33 +msgid "sss plugin configuration directives for rpc.idmapd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:37 +msgid "CONFIGURATION FILE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:39 +msgid "" +"rpc.idmapd configuration file is usually found at " +"<emphasis>/etc/idmapd.conf</emphasis>. See <citerefentry> " +"<refentrytitle>idmapd.conf</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> for more information." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:49 +msgid "SSS CONFIGURATION EXTENSION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:51 +msgid "Enable SSS plugin" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:53 +msgid "" +"In section <quote>[Translation]</quote>, modify/set <quote>Method</quote> " +"attribute to contain <emphasis>sss</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:59 +msgid "[sss] config section" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:61 +msgid "" +"In order to change the default of one of the configuration attributes of the " +"<emphasis>sss</emphasis> plugin listed below you will need to create a " +"config section for it, named <quote>[sss]</quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> +#: sss_rpcidmapd.5.xml:67 +msgid "Configuration attributes" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sss_rpcidmapd.5.xml:69 +msgid "memcache (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sss_rpcidmapd.5.xml:72 +msgid "Indicates whether or not to use memcache optimisation technique." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:85 +msgid "SSSD INTEGRATION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:87 +msgid "" +"The sss plugin requires the <emphasis>NSS Responder</emphasis> to be enabled " +"in sssd." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:91 +msgid "" +"The attribute <quote>use_fully_qualified_names</quote> must be enabled on " +"all domains (NFSv4 clients expect a fully qualified name to be sent on the " +"wire)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_rpcidmapd.5.xml:103 +#, no-wrap +msgid "" +"[General]\n" +"Verbosity = 2\n" +"# domain must be synced between NFSv4 server and clients\n" +"# Solaris/Illumos/AIX use \"localdomain\" as default!\n" +"Domain = default\n" +"\n" +"[Mapping]\n" +"Nobody-User = nfsnobody\n" +"Nobody-Group = nfsnobody\n" +"\n" +"[Translation]\n" +"Method = sss\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:100 +msgid "" +"The following example shows a minimal idmapd.conf which makes use of the sss " +"plugin. <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <refsect1><title> +#: sss_rpcidmapd.5.xml:120 include/seealso.xml:2 +msgid "SEE ALSO" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:122 +msgid "" +"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> <refentrytitle>idmapd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>" +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 msgid "sss_ssh_authorizedkeys" @@ -9143,11 +9776,6 @@ msgid "" "local LDB storage to store users and groups." msgstr "" -#. type: Content of: <refsect1><title> -#: include/seealso.xml:2 -msgid "SEE ALSO" -msgstr "" - #. type: Content of: <refsect1><para> #: include/seealso.xml:4 msgid "" @@ -9199,7 +9827,9 @@ msgid "" "<refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</manvolnum> " "</citerefentry>, </phrase> <citerefentry> " "<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> " -"</citerefentry>." +"</citerefentry>. <citerefentry> " +"<refentrytitle>sss_rpcidmapd</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry>" msgstr "" #. type: Content of: <listitem><para> diff --git a/src/man/po/tg.po b/src/man/po/tg.po index b9ad3663b..dcdee3fcc 100644 --- a/src/man/po/tg.po +++ b/src/man/po/tg.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2014-07-09 19:18+0300\n" +"POT-Creation-Date: 2014-09-08 20:55+0300\n" "PO-Revision-Date: 2014-06-04 18:04+0000\n" "Last-Translator: jhrozek <jhrozek@redhat.com>\n" "Language-Team: Tajik (http://www.transifex.com/projects/p/sssd/language/" @@ -25,8 +25,8 @@ msgstr "" #: sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 #: sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 #: sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5 -#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_ssh_authorizedkeys.1.xml:5 -#: sss_ssh_knownhostsproxy.1.xml:5 +#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_rpcidmapd.5.xml:5 +#: sss_ssh_authorizedkeys.1.xml:5 sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" msgstr "" @@ -122,14 +122,14 @@ msgstr "" #. type: Content of: <reference><refentry><refmeta><manvolnum> #: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 #: sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11 -#: sssd-ifp.5.xml:11 +#: sssd-ifp.5.xml:11 sss_rpcidmapd.5.xml:27 msgid "5" msgstr "5" #. type: Content of: <reference><refentry><refmeta><refmiscinfo> #: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 #: sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12 -#: sssd-ifp.5.xml:12 +#: sssd-ifp.5.xml:12 sss_rpcidmapd.5.xml:28 msgid "File Formats and Conventions" msgstr "" @@ -221,11 +221,11 @@ msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:79 sssd.conf.5.xml:511 sssd.conf.5.xml:873 -#: sssd-ldap.5.xml:1637 sssd-ldap.5.xml:1734 sssd-ldap.5.xml:1796 -#: sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2320 sssd-ldap.5.xml:2338 +#: sssd.conf.5.xml:79 sssd.conf.5.xml:554 sssd.conf.5.xml:916 +#: sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1756 +#: sssd-ldap.5.xml:2242 sssd-ldap.5.xml:2307 sssd-ldap.5.xml:2325 #: sssd-ipa.5.xml:356 sssd-ipa.5.xml:391 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:339 sssd-ad.5.xml:428 sssd-krb5.5.xml:490 +#: sssd-ad.5.xml:684 sssd-ad.5.xml:773 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "Пешфарз: true" @@ -240,16 +240,16 @@ msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:90 sssd.conf.5.xml:827 sssd.conf.5.xml:1845 -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:1511 sssd-ldap.5.xml:1530 -#: sssd-ldap.5.xml:1706 sssd-ldap.5.xml:2042 sssd-ipa.5.xml:139 +#: sssd.conf.5.xml:90 sssd.conf.5.xml:870 sssd.conf.5.xml:1933 +#: sssd-ldap.5.xml:678 sssd-ldap.5.xml:1471 sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1666 sssd-ldap.5.xml:2029 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:503 sssd-krb5.5.xml:257 #: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" msgstr "Пешфарз: false" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2063 +#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2050 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" @@ -271,7 +271,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1382 +#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1342 msgid "Default: 10" msgstr "Пешфарз: 10" @@ -286,7 +286,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:2017 msgid "Section parameters" msgstr "" @@ -323,19 +323,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:161 sssd.conf.5.xml:345 +#: sssd.conf.5.xml:161 sssd.conf.5.xml:370 msgid "reconnection_retries (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:164 sssd.conf.5.xml:348 +#: sssd.conf.5.xml:164 sssd.conf.5.xml:373 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:353 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:378 msgid "Default: 3" msgstr "Пешфарз: 3" @@ -355,7 +355,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 sssd.conf.5.xml:1658 +#: sssd.conf.5.xml:189 sssd.conf.5.xml:1719 msgid "re_expression (string)" msgstr "" @@ -375,12 +375,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:206 sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:206 sssd.conf.5.xml:1770 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:209 sssd.conf.5.xml:1773 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -388,39 +388,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:220 sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:220 sssd.conf.5.xml:1784 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:221 sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:221 sssd.conf.5.xml:1785 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:224 sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:224 sssd.conf.5.xml:1788 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:227 sssd.conf.5.xml:1730 +#: sssd.conf.5.xml:227 sssd.conf.5.xml:1791 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:233 sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:233 sssd.conf.5.xml:1797 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:236 sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:236 sssd.conf.5.xml:1800 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:217 sssd.conf.5.xml:1781 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -518,12 +518,42 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:319 sssd-ldap.5.xml:662 sssd-ldap.5.xml:1470 -#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1564 sssd-krb5.5.xml:401 -#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214 +#: sssd.conf.5.xml:319 sssd-ldap.5.xml:649 sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1442 sssd-ldap.5.xml:1524 sssd-ad.5.xml:532 +#: sssd-ad.5.xml:597 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203 +#: include/ldap_id_mapping.xml:214 msgid "Default: not set" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:324 +msgid "override_space (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:327 +msgid "" +"This parameter will replace spaces (space bar) with the given character for " +"user and group names. e.g. (_). User name "john doe" will be " +""john_doe" This feature was added to help compatibility with shell " +"scripts that have difficulty handling spaces, due to the default field " +"separator in the shell." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:336 +msgid "" +"Please note it is a configuration error to use a replacement character that " +"might be used in user or group names. If a name contains the replacement " +"character SSSD tries to return the unmodified name but in general the result " +"of a lookup is undefined." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:344 +msgid "Default: not set (spaces will not be replaced)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:126 msgid "" @@ -536,12 +566,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:355 msgid "SERVICES SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:332 +#: sssd.conf.5.xml:357 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -550,22 +580,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:364 msgid "General service configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:341 +#: sssd.conf.5.xml:366 msgid "These options can be used to configure any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:383 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:361 +#: sssd.conf.5.xml:386 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -575,17 +605,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:370 +#: sssd.conf.5.xml:395 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:375 +#: sssd.conf.5.xml:400 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:378 +#: sssd.conf.5.xml:403 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -593,19 +623,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:385 sssd.conf.5.xml:401 sssd.conf.5.xml:415 -#: sssd.conf.5.xml:632 sssd.conf.5.xml:792 sssd.conf.5.xml:1068 -#: sssd-ldap.5.xml:1212 +#: sssd.conf.5.xml:410 sssd.conf.5.xml:426 sssd.conf.5.xml:458 +#: sssd.conf.5.xml:675 sssd.conf.5.xml:835 sssd.conf.5.xml:1111 +#: sssd-ldap.5.xml:1172 msgid "Default: 60" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:415 sssd.conf.5.xml:1100 msgid "force_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:393 sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1103 msgid "" "If a service is not responding to ping checks (see the <quote>timeout</" "quote> option), it is first sent the SIGTERM signal that instructs it to " @@ -615,53 +645,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 +#: sssd.conf.5.xml:431 msgid "offline_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:409 +#: sssd.conf.5.xml:434 +msgid "" +"When SSSD switches to offline mode the amount of time before it tries to go " +"back online will increase based upon the time spent disconnected. This " +"value is in seconds and calculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:441 +msgid "offline_timeout + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:444 +msgid "" +"The random offset can increment up to 30 seconds. After each unsuccessful " +"attempt to go online, the new interval is recalculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:449 +msgid "new_interval = old_interval*2 + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:452 msgid "" -"If SSSD is in offline mode, and last attempt to go online was less than " -"number of seconds specified in this option ago, new requests for data will " -"not result in attempt to go online." +"Note that the maximum length of each interval is currently limited to one " +"hour. If the calculated length of new_interval is greater than an hour, it " +"will be forced to one hour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:467 msgid "NSS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:426 +#: sssd.conf.5.xml:469 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:431 +#: sssd.conf.5.xml:474 msgid "enum_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:434 +#: sssd.conf.5.xml:477 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:481 msgid "Default: 120" msgstr "Пешфарз: 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:443 +#: sssd.conf.5.xml:486 msgid "entry_cache_nowait_percentage (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:446 +#: sssd.conf.5.xml:489 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -669,7 +724,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:452 +#: sssd.conf.5.xml:495 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -679,7 +734,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:462 +#: sssd.conf.5.xml:505 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -688,17 +743,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:470 +#: sssd.conf.5.xml:513 msgid "Default: 50" msgstr "Пешфарз: 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:518 msgid "entry_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:478 +#: sssd.conf.5.xml:521 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -706,17 +761,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:484 sssd.conf.5.xml:851 +#: sssd.conf.5.xml:527 sssd.conf.5.xml:894 msgid "Default: 15" msgstr "Пешфарз: 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:489 +#: sssd.conf.5.xml:532 msgid "filter_users, filter_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:492 +#: sssd.conf.5.xml:535 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set per-" @@ -725,41 +780,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:499 +#: sssd.conf.5.xml:542 msgid "Default: root" msgstr "Пешфарз: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:504 +#: sssd.conf.5.xml:547 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:507 +#: sssd.conf.5.xml:550 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:561 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:521 +#: sssd.conf.5.xml:564 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:569 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:532 +#: sssd.conf.5.xml:575 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -767,22 +822,22 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:530 include/override_homedir.xml:51 +#: sssd.conf.5.xml:573 include/override_homedir.xml:51 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:579 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:542 +#: sssd.conf.5.xml:585 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:545 +#: sssd.conf.5.xml:588 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -790,186 +845,186 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 +#: sssd.conf.5.xml:594 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:557 +#: sssd.conf.5.xml:600 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:560 +#: sssd.conf.5.xml:603 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:563 +#: sssd.conf.5.xml:606 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:567 +#: sssd.conf.5.xml:610 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:572 +#: sssd.conf.5.xml:615 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:577 +#: sssd.conf.5.xml:620 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:580 +#: sssd.conf.5.xml:623 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:627 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:589 +#: sssd.conf.5.xml:632 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:592 +#: sssd.conf.5.xml:635 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:597 +#: sssd.conf.5.xml:640 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:643 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:604 +#: sssd.conf.5.xml:647 msgid "Default: /bin/sh" msgstr "Пешфарз: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:652 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:655 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:618 +#: sssd.conf.5.xml:661 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:625 sssd.conf.5.xml:785 +#: sssd.conf.5.xml:668 sssd.conf.5.xml:828 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 sssd.conf.5.xml:788 +#: sssd.conf.5.xml:671 sssd.conf.5.xml:831 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:637 +#: sssd.conf.5.xml:680 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:640 +#: sssd.conf.5.xml:683 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 sssd-ldap.5.xml:702 +#: sssd.conf.5.xml:687 sssd-ldap.5.xml:692 msgid "Default: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:651 +#: sssd.conf.5.xml:694 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:653 +#: sssd.conf.5.xml:696 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:701 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:704 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 sssd.conf.5.xml:679 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:722 msgid "Default: 0 (No limit)" msgstr "Пешфарз: 0 (Номаҳдуд)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:672 +#: sssd.conf.5.xml:715 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:675 +#: sssd.conf.5.xml:718 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:685 +#: sssd.conf.5.xml:728 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:688 +#: sssd.conf.5.xml:731 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:693 +#: sssd.conf.5.xml:736 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -977,59 +1032,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 sssd.conf.5.xml:752 +#: sssd.conf.5.xml:742 sssd.conf.5.xml:795 msgid "Default: 5" msgstr "Пешфарз: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:705 +#: sssd.conf.5.xml:748 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:751 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:713 +#: sssd.conf.5.xml:756 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:716 +#: sssd.conf.5.xml:759 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:719 +#: sssd.conf.5.xml:762 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:723 +#: sssd.conf.5.xml:766 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:769 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:730 sssd.8.xml:63 +#: sssd.conf.5.xml:773 sssd.8.xml:63 msgid "Default: 1" msgstr "Пешфарз: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:735 +#: sssd.conf.5.xml:778 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:738 +#: sssd.conf.5.xml:781 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1037,7 +1092,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:744 +#: sssd.conf.5.xml:787 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1046,17 +1101,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:758 +#: sssd.conf.5.xml:801 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:761 sssd.conf.5.xml:1235 +#: sssd.conf.5.xml:804 sssd.conf.5.xml:1292 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:807 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1064,31 +1119,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 sssd.conf.5.xml:1238 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1295 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:818 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 sssd.8.xml:79 +#: sssd.conf.5.xml:823 sssd.8.xml:79 msgid "Default: 0" msgstr "Пешфарз: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:800 +#: sssd.conf.5.xml:843 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:845 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1099,34 +1154,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:862 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:822 +#: sssd.conf.5.xml:865 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:878 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:880 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:884 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:887 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1134,51 +1189,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:903 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:862 +#: sssd.conf.5.xml:905 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:866 +#: sssd.conf.5.xml:909 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:869 +#: sssd.conf.5.xml:912 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:921 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:881 +#: sssd.conf.5.xml:924 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:928 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:893 +#: sssd.conf.5.xml:936 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:938 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1190,7 +1245,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:904 +#: sssd.conf.5.xml:947 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1201,24 +1256,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:955 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:961 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:922 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:965 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:968 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1226,12 +1281,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:974 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:978 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1240,24 +1295,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:949 +#: sssd.conf.5.xml:992 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:999 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:1002 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 +#: sssd.conf.5.xml:1007 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1266,47 +1321,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1014 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:1018 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:981 +#: sssd.conf.5.xml:1024 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:984 +#: sssd.conf.5.xml:1027 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:988 +#: sssd.conf.5.xml:1031 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 +#: sssd.conf.5.xml:1034 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 sssd.conf.5.xml:1212 sssd.conf.5.xml:1321 -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1037 sssd.conf.5.xml:1269 sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1395 msgid "Default: FALSE" msgstr "Пешфарз: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1040 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1318,14 +1373,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1053 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1015 +#: sssd.conf.5.xml:1058 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1334,39 +1389,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1023 +#: sssd.conf.5.xml:1066 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1074 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1081 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1082 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1085 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1086 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1077 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -1375,24 +1430,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd-ldap.5.xml:1765 +#: sssd.conf.5.xml:1094 sssd-ldap.5.xml:1725 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1117 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1077 +#: sssd.conf.5.xml:1120 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1124 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -1403,137 +1458,150 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1094 +#: sssd.conf.5.xml:1137 msgid "Default: 5400" msgstr "Пешфарз: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1100 +#: sssd.conf.5.xml:1143 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1103 +#: sssd.conf.5.xml:1146 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 sssd.conf.5.xml:1120 sssd.conf.5.xml:1133 -#: sssd.conf.5.xml:1146 sssd.conf.5.xml:1159 sssd.conf.5.xml:1173 +#: sssd.conf.5.xml:1150 sssd.conf.5.xml:1163 sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1202 sssd.conf.5.xml:1216 +#: sssd.conf.5.xml:1230 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1156 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1116 +#: sssd.conf.5.xml:1159 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1169 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1172 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1182 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1142 +#: sssd.conf.5.xml:1185 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1195 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1198 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1208 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1211 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1222 +msgid "entry_cache_ssh_host_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1225 +msgid "" +"How many seconds to keep a host ssh key after refresh. IE how long to cache " +"the host key for." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1236 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1239 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1187 +#: sssd.conf.5.xml:1244 msgid "Currently only refreshing expired netgroups is supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1248 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1195 sssd-ipa.5.xml:221 +#: sssd.conf.5.xml:1252 sssd-ipa.5.xml:221 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1201 +#: sssd.conf.5.xml:1258 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1261 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1208 +#: sssd.conf.5.xml:1265 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1217 +#: sssd.conf.5.xml:1274 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1220 +#: sssd.conf.5.xml:1277 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1542,17 +1610,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1284 msgid "Default: 0 (unlimited)" msgstr "Пешфарз: 0 (номаҳдуд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1232 +#: sssd.conf.5.xml:1289 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1243 +#: sssd.conf.5.xml:1300 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1561,33 +1629,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1307 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1256 +#: sssd.conf.5.xml:1313 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1259 +#: sssd.conf.5.xml:1316 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1320 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:1441 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 +#: sssd.conf.5.xml:1327 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1595,8 +1663,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 sssd.conf.5.xml:1364 sssd.conf.5.xml:1415 -#: sssd.conf.5.xml:1468 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1421 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1529 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1605,8 +1673,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1373 sssd.conf.5.xml:1424 -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1344 sssd.conf.5.xml:1430 sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1538 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1614,19 +1682,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1355 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1301 +#: sssd.conf.5.xml:1358 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1363 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1635,7 +1703,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1371 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -1643,17 +1711,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1326 +#: sssd.conf.5.xml:1383 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1329 +#: sssd.conf.5.xml:1386 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1332 +#: sssd.conf.5.xml:1389 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -1661,19 +1729,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1343 +#: sssd.conf.5.xml:1400 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1346 +#: sssd.conf.5.xml:1403 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1469 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1681,7 +1749,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1414 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1689,30 +1757,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1438 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1445 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1387 +#: sssd.conf.5.xml:1448 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1393 +#: sssd.conf.5.xml:1454 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1396 +#: sssd.conf.5.xml:1457 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1720,19 +1788,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1463 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1466 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1493 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1741,24 +1809,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1439 +#: sssd.conf.5.xml:1500 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1444 +#: sssd.conf.5.xml:1505 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1508 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1452 +#: sssd.conf.5.xml:1513 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1766,7 +1834,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1521 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1774,35 +1842,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1546 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1550 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1553 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1560 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1563 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1506 +#: sssd.conf.5.xml:1567 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1810,32 +1878,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1514 +#: sssd.conf.5.xml:1575 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1579 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1522 +#: sssd.conf.5.xml:1583 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1525 sssd.conf.5.xml:1594 sssd.conf.5.xml:1626 -#: sssd.conf.5.xml:1651 +#: sssd.conf.5.xml:1586 sssd.conf.5.xml:1655 sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1712 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1590 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -1846,12 +1914,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1607 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1610 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -1859,7 +1927,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1555 +#: sssd.conf.5.xml:1616 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1867,31 +1935,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1624 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1566 +#: sssd.conf.5.xml:1627 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1633 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1636 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1581 +#: sssd.conf.5.xml:1642 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1899,23 +1967,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1651 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 +#: sssd.conf.5.xml:1662 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 +#: sssd.conf.5.xml:1665 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1669 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1923,7 +1991,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1615 +#: sssd.conf.5.xml:1676 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1931,24 +1999,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 +#: sssd.conf.5.xml:1684 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1694 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1697 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1640 +#: sssd.conf.5.xml:1701 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1956,12 +2024,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1709 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 +#: sssd.conf.5.xml:1722 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -1971,7 +2039,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1731 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -1980,29 +2048,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1736 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1739 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1681 +#: sssd.conf.5.xml:1742 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1745 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1750 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -2010,7 +2078,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1695 +#: sssd.conf.5.xml:1756 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -2018,66 +2086,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1763 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1749 +#: sssd.conf.5.xml:1810 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1816 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1819 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1762 +#: sssd.conf.5.xml:1823 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1826 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1829 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1832 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1835 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1838 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1844 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1847 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -2085,62 +2153,95 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1792 sssd-ldap.5.xml:1196 sssd-ldap.5.xml:1238 -#: sssd-ldap.5.xml:1253 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1853 sssd-ldap.5.xml:1156 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1213 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "Пешфарз: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1859 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1801 +#: sssd.conf.5.xml:1862 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1866 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1811 +#: sssd.conf.5.xml:1872 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1875 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1820 -msgid "case_sensitive (boolean)" +#: sssd.conf.5.xml:1881 +msgid "case_sensitive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1889 +msgid "True" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1892 +msgid "Case sensitive. This value is invalid for AD provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1898 +msgid "False" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1900 +msgid "Case insensitive." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1904 +msgid "Preserving" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1907 +msgid "" +"Same as False (case insensitive), but does not lowercase names in the output " +"of getpwnam and getgrnam." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1884 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." +"not supported in the local provider. Possible option values are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1828 sssd-ldap.5.xml:1020 sssd-ad.5.xml:397 -msgid "Default: True" +#: sssd.conf.5.xml:1916 +msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1922 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 +#: sssd.conf.5.xml:1925 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -2149,22 +2250,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1851 +#: sssd.conf.5.xml:1939 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1950 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1951 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1854 +#: sssd.conf.5.xml:1942 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -2174,29 +2275,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1956 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1960 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1877 +#: sssd.conf.5.xml:1965 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1880 +#: sssd.conf.5.xml:1968 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:994 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2204,29 +2305,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1893 +#: sssd.conf.5.xml:1981 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1896 +#: sssd.conf.5.xml:1984 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1899 +#: sssd.conf.5.xml:1987 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1995 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1998 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2234,19 +2335,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1977 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1922 +#: sssd.conf.5.xml:2010 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:2012 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2254,73 +2355,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1931 +#: sssd.conf.5.xml:2019 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:2022 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1938 +#: sssd.conf.5.xml:2026 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1943 +#: sssd.conf.5.xml:2031 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2034 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:2039 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1956 +#: sssd.conf.5.xml:2044 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2047 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1963 sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2051 sssd.conf.5.xml:2063 msgid "Default: TRUE" msgstr "Пешфарз: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1968 +#: sssd.conf.5.xml:2056 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:2059 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1980 +#: sssd.conf.5.xml:2068 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1983 +#: sssd.conf.5.xml:2071 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2328,17 +2429,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:2079 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:2084 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1999 +#: sssd.conf.5.xml:2087 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2347,17 +2448,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2009 +#: sssd.conf.5.xml:2097 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2102 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2105 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2365,17 +2466,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2112 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2117 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2032 +#: sssd.conf.5.xml:2120 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2383,18 +2484,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2126 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2048 sssd-ldap.5.xml:2489 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:552 sssd-ad.5.xml:447 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:2136 sssd-ldap.5.xml:2476 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:552 sssd-ad.5.xml:792 sssd-krb5.5.xml:519 +#: sss_rpcidmapd.5.xml:98 msgid "EXAMPLE" msgstr "НАМУНА" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2142 #, no-wrap msgid "" "[sssd]\n" @@ -2424,7 +2526,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2050 +#: sssd.conf.5.xml:2138 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2570,7 +2672,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:645 sssd-ad.5.xml:212 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:632 sssd-ad.5.xml:212 msgid "Examples:" msgstr "Намунаҳо:" @@ -2770,7 +2872,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:830 msgid "Default: gidNumber" msgstr "" @@ -2821,60 +2923,45 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:341 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:344 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:866 sssd-ldap.5.xml:1103 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:354 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:344 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:880 +#: sssd-ldap.5.xml:349 sssd-ldap.5.xml:857 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:369 +#: sssd-ldap.5.xml:356 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:890 sssd-ldap.5.xml:1112 +#: sssd-ldap.5.xml:359 sssd-ldap.5.xml:867 sssd-ldap.5.xml:1072 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:894 sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:363 sssd-ldap.5.xml:871 sssd-ldap.5.xml:1079 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:382 +#: sssd-ldap.5.xml:369 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:385 +#: sssd-ldap.5.xml:372 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2883,17 +2970,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:382 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:401 +#: sssd-ldap.5.xml:388 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:391 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2902,17 +2989,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:413 +#: sssd-ldap.5.xml:400 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:419 +#: sssd-ldap.5.xml:406 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:422 +#: sssd-ldap.5.xml:409 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2921,17 +3008,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 +#: sssd-ldap.5.xml:418 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 +#: sssd-ldap.5.xml:424 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 +#: sssd-ldap.5.xml:427 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2940,17 +3027,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 +#: sssd-ldap.5.xml:437 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 +#: sssd-ldap.5.xml:443 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 +#: sssd-ldap.5.xml:446 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2959,17 +3046,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:469 +#: sssd-ldap.5.xml:456 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:475 +#: sssd-ldap.5.xml:462 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:478 +#: sssd-ldap.5.xml:465 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -2978,17 +3065,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:488 +#: sssd-ldap.5.xml:475 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:494 +#: sssd-ldap.5.xml:481 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:497 +#: sssd-ldap.5.xml:484 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -2996,155 +3083,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 +#: sssd-ldap.5.xml:490 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:509 +#: sssd-ldap.5.xml:496 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:512 +#: sssd-ldap.5.xml:499 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:518 +#: sssd-ldap.5.xml:505 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:524 +#: sssd-ldap.5.xml:511 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:519 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:538 +#: sssd-ldap.5.xml:525 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:528 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:546 +#: sssd-ldap.5.xml:533 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:552 +#: sssd-ldap.5.xml:539 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:542 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:547 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:553 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:556 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:573 sssd-ldap.5.xml:587 +#: sssd-ldap.5.xml:560 sssd-ldap.5.xml:574 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:579 +#: sssd-ldap.5.xml:566 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:582 +#: sssd-ldap.5.xml:569 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:593 +#: sssd-ldap.5.xml:580 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:583 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:601 +#: sssd-ldap.5.xml:588 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:607 +#: sssd-ldap.5.xml:594 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:597 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:614 +#: sssd-ldap.5.xml:601 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:620 +#: sssd-ldap.5.xml:607 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:623 +#: sssd-ldap.5.xml:610 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:628 +#: sssd-ldap.5.xml:615 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -3154,7 +3241,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:625 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -3162,46 +3249,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 +#: sssd-ldap.5.xml:635 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:638 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:642 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:645 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:655 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:671 +#: sssd-ldap.5.xml:658 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:662 +#, fuzzy +#| msgid "Default: true" +msgid "Default: sshPublicKey" +msgstr "Пешфарз: true" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:668 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:671 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -3210,24 +3304,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:694 +#: sssd-ldap.5.xml:684 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 +#: sssd-ldap.5.xml:687 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:698 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 +#: sssd-ldap.5.xml:701 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -3235,53 +3329,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:707 msgid "Setting this option to zero will disable the cache cleanup operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:721 -msgid "Default: 10800 (12 hours)" -msgstr "" +#: sssd-ldap.5.xml:711 +#, fuzzy +#| msgid "Default: 10" +msgid "Default: 10800 (3 hours)" +msgstr "Пешфарз: 10" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:727 +#: sssd-ldap.5.xml:717 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:730 +#: sssd-ldap.5.xml:720 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 sssd-ldap.5.xml:827 sssd-ldap.5.xml:1053 -#: sssd-ldap.5.xml:1144 sssd-ldap.5.xml:2084 sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:724 sssd-ldap.5.xml:817 sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1104 sssd-ldap.5.xml:2071 sssd-ldap.5.xml:2410 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:730 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:743 +#: sssd-ldap.5.xml:733 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:737 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:753 +#: sssd-ldap.5.xml:743 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:756 +#: sssd-ldap.5.xml:746 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -3289,14 +3385,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:763 +#: sssd-ldap.5.xml:753 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:758 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -3304,17 +3400,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:765 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:771 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:784 +#: sssd-ldap.5.xml:774 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -3322,14 +3418,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:790 +#: sssd-ldap.5.xml:780 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:785 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -3337,101 +3433,91 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:802 +#: sssd-ldap.5.xml:792 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:798 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 +#: sssd-ldap.5.xml:801 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:804 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:810 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:823 +#: sssd-ldap.5.xml:813 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:823 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:826 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:846 +#: sssd-ldap.5.xml:836 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:849 +#: sssd-ldap.5.xml:839 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:843 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:872 +#: sssd-ldap.5.xml:849 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:875 +#: sssd-ldap.5.xml:852 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:864 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:877 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:880 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:885 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -3439,17 +3525,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:914 +#: sssd-ldap.5.xml:891 msgid "Default: groupType in the AD provider, othewise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:921 +#: sssd-ldap.5.xml:898 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:924 +#: sssd-ldap.5.xml:901 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -3457,7 +3543,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:908 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -3467,7 +3553,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:940 +#: sssd-ldap.5.xml:917 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later it " @@ -3476,17 +3562,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:947 +#: sssd-ldap.5.xml:924 msgid "Default: 2" msgstr "Пешфарз: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:930 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:933 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3494,14 +3580,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:939 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 sssd-ldap.5.xml:994 +#: sssd-ldap.5.xml:944 sssd-ldap.5.xml:971 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3509,7 +3595,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:950 sssd-ldap.5.xml:977 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -3518,18 +3604,18 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 sssd-ldap.5.xml:1006 sssd-ldap.5.xml:1311 -#: sssd-ldap.5.xml:1332 sssd-ldap.5.xml:1838 include/ldap_id_mapping.xml:242 +#: sssd-ldap.5.xml:956 sssd-ldap.5.xml:983 sssd-ldap.5.xml:1271 +#: sssd-ldap.5.xml:1292 sssd-ldap.5.xml:1798 include/ldap_id_mapping.xml:242 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:985 +#: sssd-ldap.5.xml:962 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:988 +#: sssd-ldap.5.xml:965 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3537,184 +3623,173 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:989 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1015 +#: sssd-ldap.5.xml:992 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:997 sssd-ad.5.xml:742 sss_rpcidmapd.5.xml:76 +msgid "Default: True" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1003 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1006 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1009 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1013 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1019 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1045 +#: sssd-ldap.5.xml:1022 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1049 +#: sssd-ldap.5.xml:1026 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1059 +#: sssd-ldap.5.xml:1036 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1039 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 +#: sssd-ldap.5.xml:1043 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1047 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1053 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1056 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1116 +#: sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1076 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1086 +#: sssd-ldap.5.xml:1063 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1092 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1095 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1099 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1109 +#: sssd-ldap.5.xml:1069 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1088 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1091 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1097 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1100 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1110 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1113 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1117 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1123 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1166 +#: sssd-ldap.5.xml:1126 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1130 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1176 +#: sssd-ldap.5.xml:1136 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1141 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -3722,7 +3797,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1190 +#: sssd-ldap.5.xml:1150 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -3730,12 +3805,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1162 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1205 +#: sssd-ldap.5.xml:1165 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -3743,12 +3818,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1178 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1181 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -3759,12 +3834,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1204 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:1207 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -3772,12 +3847,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1219 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1262 +#: sssd-ldap.5.xml:1222 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -3786,34 +3861,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:1230 sssd-ldap.5.xml:2228 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1236 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1239 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1244 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1250 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1293 +#: sssd-ldap.5.xml:1253 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -3821,14 +3896,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1259 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1265 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -3836,17 +3911,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1277 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1280 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1323 +#: sssd-ldap.5.xml:1283 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -3856,12 +3931,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1298 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1301 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -3869,17 +3944,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1307 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1314 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1317 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -3887,13 +3962,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1323 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1327 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -3902,7 +3977,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1335 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -3910,26 +3985,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1348 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 +#: sssd-ldap.5.xml:1351 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1397 +#: sssd-ldap.5.xml:1357 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1361 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3937,7 +4012,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1368 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3945,7 +4020,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1374 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -3953,41 +4028,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1380 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1424 +#: sssd-ldap.5.xml:1384 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1390 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1393 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1438 sssd-ldap.5.xml:1456 sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1398 sssd-ldap.5.xml:1416 sssd-ldap.5.xml:1457 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1445 +#: sssd-ldap.5.xml:1405 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1408 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -3996,32 +4071,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1463 +#: sssd-ldap.5.xml:1423 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1466 +#: sssd-ldap.5.xml:1426 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1436 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1439 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1448 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1451 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -4029,24 +4104,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1504 +#: sssd-ldap.5.xml:1464 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1477 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1480 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -4054,17 +4129,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1486 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1496 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1499 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -4075,29 +4150,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1511 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1517 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1530 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1533 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -4106,17 +4181,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1541 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1547 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1590 +#: sssd-ldap.5.xml:1550 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -4124,49 +4199,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1556 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1562 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1565 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1570 msgid "Default: false;" msgstr "Пешфарз: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1576 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1619 +#: sssd-ldap.5.xml:1579 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1622 +#: sssd-ldap.5.xml:1582 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1628 +#: sssd-ldap.5.xml:1588 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1631 +#: sssd-ldap.5.xml:1591 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -4174,27 +4249,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1643 +#: sssd-ldap.5.xml:1603 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1606 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 sssd-ad.5.xml:383 +#: sssd-ldap.5.xml:1610 sssd-ad.5.xml:728 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 +#: sssd-ldap.5.xml:1619 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4206,7 +4281,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1671 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1631 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4214,7 +4289,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1636 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4222,39 +4297,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1645 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1688 +#: sssd-ldap.5.xml:1648 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1651 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1697 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1657 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1660 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1712 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1672 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1715 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1675 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4264,7 +4339,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1726 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1686 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4272,26 +4347,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1740 +#: sssd-ldap.5.xml:1700 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1703 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1708 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1753 +#: sssd-ldap.5.xml:1713 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4299,7 +4374,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1759 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4307,31 +4382,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1768 +#: sssd-ldap.5.xml:1728 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1736 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1739 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1743 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1788 +#: sssd-ldap.5.xml:1748 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4340,56 +4415,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1762 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 +#: sssd-ldap.5.xml:1765 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1809 +#: sssd-ldap.5.xml:1769 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1775 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1778 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1823 +#: sssd-ldap.5.xml:1783 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1789 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1792 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1804 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1847 +#: sssd-ldap.5.xml:1807 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4405,12 +4480,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1867 +#: sssd-ldap.5.xml:1827 msgid "Example:" msgstr "Намуна:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1870 +#: sssd-ldap.5.xml:1830 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4419,14 +4494,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1874 +#: sssd-ldap.5.xml:1834 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1839 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4435,24 +4510,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1887 sssd-ldap.5.xml:1944 +#: sssd-ldap.5.xml:1847 sssd-ldap.5.xml:1904 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1853 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1856 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:1860 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4460,19 +4535,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1907 +#: sssd-ldap.5.xml:1867 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1910 +#: sssd-ldap.5.xml:1870 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1875 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4481,7 +4556,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1922 +#: sssd-ldap.5.xml:1882 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4489,7 +4564,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1928 +#: sssd-ldap.5.xml:1888 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4498,7 +4573,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1897 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -4506,108 +4581,140 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1910 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1953 +#: sssd-ldap.5.xml:1913 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1917 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:1920 +msgid "" +"<emphasis>lockout</emphasis>: use account locking. If set, this option " +"denies access in case that ldap attribute 'pwdAccountLockedTime' is present " +"and has value of '000001010000Z'. Please see the option ldap_pwdlockout_dn." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1927 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1931 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1969 +#: sssd-ldap.5.xml:1936 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:1940 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1943 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1983 +#: sssd-ldap.5.xml:1950 +msgid "ldap_pwdlockout_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1953 +msgid "" +"This option specifies the DN of password policy entry on LDAP server. Please " +"note that absence of this option in sssd.conf in case of enabled account " +"lockout checking will yield access denied as ppolicy attributes on LDAP " +"server cannot be checked properly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1961 +msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1964 +msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1970 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:1973 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:1978 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:1982 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:1987 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2005 +#: sssd-ldap.5.xml:1992 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2010 +#: sssd-ldap.5.xml:1997 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2018 +#: sssd-ldap.5.xml:2005 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2008 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2012 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -4618,7 +4725,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2036 +#: sssd-ldap.5.xml:2023 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -4636,12 +4743,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2052 +#: sssd-ldap.5.xml:2039 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2054 +#: sssd-ldap.5.xml:2041 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -4649,208 +4756,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2052 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2055 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2071 +#: sssd-ldap.5.xml:2058 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2064 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2067 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2090 +#: sssd-ldap.5.xml:2077 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2080 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2097 +#: sssd-ldap.5.xml:2084 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2103 +#: sssd-ldap.5.xml:2090 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2093 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2111 +#: sssd-ldap.5.xml:2098 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2117 +#: sssd-ldap.5.xml:2104 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2120 +#: sssd-ldap.5.xml:2107 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2111 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2130 +#: sssd-ldap.5.xml:2117 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2133 +#: sssd-ldap.5.xml:2120 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2137 +#: sssd-ldap.5.xml:2124 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2143 +#: sssd-ldap.5.xml:2130 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2146 +#: sssd-ldap.5.xml:2133 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2150 +#: sssd-ldap.5.xml:2137 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2143 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2146 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2150 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2156 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2159 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2176 +#: sssd-ldap.5.xml:2163 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2182 +#: sssd-ldap.5.xml:2169 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2172 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2177 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2183 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2199 +#: sssd-ldap.5.xml:2186 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2203 +#: sssd-ldap.5.xml:2190 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:2196 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2199 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2204 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2209 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2215 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2218 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4858,101 +4965,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2237 +#: sssd-ldap.5.xml:2224 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2234 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2237 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2248 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2264 +#: sssd-ldap.5.xml:2251 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2256 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2315 -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2261 sssd-ldap.5.xml:2284 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2320 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2279 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2266 sssd-ldap.5.xml:2289 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2272 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2288 +#: sssd-ldap.5.xml:2275 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2293 +#: sssd-ldap.5.xml:2280 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2295 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2311 +#: sssd-ldap.5.xml:2298 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2326 +#: sssd-ldap.5.xml:2313 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2316 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2345 +#: sssd-ldap.5.xml:2332 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4961,91 +5068,91 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2342 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2344 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2350 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2366 +#: sssd-ldap.5.xml:2353 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2369 +#: sssd-ldap.5.xml:2356 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2376 +#: sssd-ldap.5.xml:2363 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2379 sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2392 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2369 sssd-ldap.5.xml:2396 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2376 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2379 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2382 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2402 +#: sssd-ldap.5.xml:2389 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2416 +#: sssd-ldap.5.xml:2403 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2419 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:2406 sssd-ldap.5.xml:2420 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2430 +#: sssd-ldap.5.xml:2417 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2437 +#: sssd-ldap.5.xml:2424 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2348 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -5054,37 +5161,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2434 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2441 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2459 +#: sssd-ldap.5.xml:2446 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2451 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2469 +#: sssd-ldap.5.xml:2456 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2461 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2449 +#: sssd-ldap.5.xml:2436 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -5092,7 +5199,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2491 +#: sssd-ldap.5.xml:2478 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -5100,7 +5207,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2484 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -5113,20 +5220,20 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2496 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 -#: sssd-ad.5.xml:455 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2483 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 +#: sssd-ad.5.xml:800 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2509 sssd_krb5_locator_plugin.8.xml:61 -#: sssd-simple.5.xml:148 sssd-ad.5.xml:470 sssd.8.xml:191 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2496 sssd_krb5_locator_plugin.8.xml:61 +#: sssd-simple.5.xml:148 sssd-ad.5.xml:815 sssd.8.xml:195 sss_seed.8.xml:163 msgid "NOTES" msgstr "ЭЗОҲҲО" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2498 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5608,7 +5715,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:320 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:665 msgid "dyndns_update (boolean)" msgstr "" @@ -5623,7 +5730,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:334 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:679 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -5638,12 +5745,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:345 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:690 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:348 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:693 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -5664,12 +5771,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:359 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:704 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:362 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:707 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -5711,12 +5818,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:373 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:718 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:376 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:721 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -5724,12 +5831,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:389 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:734 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:392 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:737 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -5748,19 +5855,19 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:403 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:748 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:406 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:751 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:410 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:755 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -5854,7 +5961,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:359 sssd-ad.5.xml:776 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -5941,7 +6048,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 sssd-ad.5.xml:330 msgid "Default: 5 (seconds)" msgstr "" @@ -6395,9 +6502,378 @@ msgstr "" msgid "Default: permissive" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:320 +msgid "ad_gpo_cache_timeout (integer)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:323 msgid "" +"The amount of time between lookups of GPO policy files against the AD " +"server. This will reduce the latency and load on the AD server if there are " +"many access-control requests made in a short period." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:336 +msgid "ad_gpo_map_interactive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:339 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the InteractiveLogonRight and " +"DenyInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:354 +#, no-wrap +msgid "" +" ad_gpo_map_interactive = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:345 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>login</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:358 sssd-ad.5.xml:423 sssd-ad.5.xml:458 sssd-ad.5.xml:498 +#: sssd-ad.5.xml:559 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:362 +#, fuzzy +#| msgid "login name" +msgid "login" +msgstr "Номи логин" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:367 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:372 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:377 +msgid "gdm-fingerprint" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:382 +#, fuzzy +#| msgid "password" +msgid "gdm-password" +msgstr "парол" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:387 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:392 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:401 +msgid "ad_gpo_map_remote_interactive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:404 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the RemoteInteractiveLogonRight and " +"DenyRemoteInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:419 +#, no-wrap +msgid "" +" ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:410 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>sshd</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:427 +msgid "sshd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:436 +msgid "ad_gpo_map_network (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:439 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the NetworkLogonRight and " +"DenyNetworkLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:454 +#, no-wrap +msgid "" +" ad_gpo_map_network = +my_pam_service, -ftp\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>ftp</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:462 +msgid "ftp" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:467 +msgid "samba" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:476 +msgid "ad_gpo_map_batch (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:479 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " +"policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:494 +#, no-wrap +msgid "" +" ad_gpo_map_batch = +my_pam_service, -crond\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:485 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>crond</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:502 +msgid "crond" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:511 +msgid "ad_gpo_map_service (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:514 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the ServiceLogonRight and " +"DenyServiceLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:528 +#, no-wrap +msgid "" +" ad_gpo_map_service = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:520 sssd-ad.5.xml:585 +msgid "" +"It is possible to add a PAM service name to the default set by using <quote>" +"+service_name</quote>. Since the default set is empty, it is not possible " +"to remove a PAM service name from the default set. For example, in order to " +"add a custom pam service name (e.g. <quote>my_pam_service</quote>), you " +"would use the following configuration: <placeholder type=\"programlisting\" " +"id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:538 +msgid "ad_gpo_map_permit (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:541 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always granted, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:555 +#, no-wrap +msgid "" +" ad_gpo_map_permit = +my_pam_service, -sudo\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:546 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for unconditionally permitted " +"access (e.g. <quote>sudo</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:563 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:568 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:577 +msgid "ad_gpo_map_deny (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:580 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always denied, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:593 +#, no-wrap +msgid "" +" ad_gpo_map_deny = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:603 +msgid "ad_gpo_default_right (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:606 +msgid "" +"This option defines how access control is evaluated for PAM service names " +"that are not explicitly listed in one of the ad_gpo_map_* options. This " +"option can be set in two different manners. First, this option can be set to " +"use a default logon right. For example, if this option is set to " +"'interactive', it means that unmapped PAM service names will be processed " +"based on the InteractiveLogonRight and DenyInteractiveLogonRight policy " +"settings. Alternatively, this option can be set to either always permit or " +"always deny access for unmapped PAM service names." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:619 +msgid "Supported values for this option include:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:623 +msgid "interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:628 +msgid "remote_interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:633 +msgid "network" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:638 +msgid "batch" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:643 +msgid "service" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:648 +msgid "permit" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:653 +msgid "deny" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:659 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: deny" +msgstr "Пешфарз: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:668 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -6407,29 +6883,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:353 +#: sssd-ad.5.xml:698 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:712 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:419 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:764 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:422 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:767 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:449 +#: sssd-ad.5.xml:794 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6437,7 +6913,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:456 +#: sssd-ad.5.xml:801 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -6452,7 +6928,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:476 +#: sssd-ad.5.xml:821 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6461,7 +6937,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:817 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -6469,10 +6945,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:482 +#: sssd-ad.5.xml:827 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " -"configured, the default access provider is <quote>permit</quote>." +"configured, the default access provider is <quote>permit</quote>. Please " +"note that if you configure an access provider other than <quote>ad</quote>, " +"you need to set all the connection parameters (such as LDAP URIs and " +"encryption details) manually." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> @@ -6848,24 +7327,27 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." +"Tells the SSSD to simulate offline operation for the duration of the " +"<quote>offline_timeout</quote> parameter. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 +#: sssd.8.xml:182 msgid "SIGUSR2" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 +#: sssd.8.xml:185 msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." +"Tells the SSSD to go online immediately. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 +#: sssd.8.xml:197 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -8033,12 +8515,36 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:162 msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"<option>-h</option>,<option>--ssh-host</option> <replaceable>hostname</" "replaceable>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:167 +msgid "Invalidate SSH public keys of a specific host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:173 +msgid "<option>-H</option>,<option>--ssh-hosts</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:177 +msgid "" +"Invalidate SSH public keys of all hosts. This option overrides invalidation " +"of SSH public keys of specific host if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:185 +msgid "" +"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:190 msgid "Restrict invalidation process only to a particular domain." msgstr "" @@ -8335,6 +8841,145 @@ msgstr "" msgid "Default: not set. Only the default set of POSIX attributes is allowed." msgstr "" +#. type: Content of: <reference><refentry><refentryinfo> +#: sss_rpcidmapd.5.xml:8 +msgid "" +"<productname>sss rpc.idmapd plugin</productname> <author> <firstname>Noam</" +"firstname> <surname>Meltzer</surname> <affiliation> <orgname>Primary Data " +"Inc.</orgname> </affiliation> <contrib>Developer (2013-2014)</contrib> </" +"author> <author> <firstname>Noam</firstname> <surname>Meltzer</surname> " +"<contrib>Developer (2014-)</contrib> <email>tsnoam@gmail.com</email> </" +"author>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_rpcidmapd.5.xml:26 sss_rpcidmapd.5.xml:32 +msgid "sss_rpcidmapd" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_rpcidmapd.5.xml:33 +msgid "sss plugin configuration directives for rpc.idmapd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:37 +msgid "CONFIGURATION FILE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:39 +msgid "" +"rpc.idmapd configuration file is usually found at <emphasis>/etc/idmapd." +"conf</emphasis>. See <citerefentry> <refentrytitle>idmapd.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more information." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:49 +msgid "SSS CONFIGURATION EXTENSION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:51 +msgid "Enable SSS plugin" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:53 +msgid "" +"In section <quote>[Translation]</quote>, modify/set <quote>Method</quote> " +"attribute to contain <emphasis>sss</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:59 +msgid "[sss] config section" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:61 +msgid "" +"In order to change the default of one of the configuration attributes of the " +"<emphasis>sss</emphasis> plugin listed below you will need to create a " +"config section for it, named <quote>[sss]</quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> +#: sss_rpcidmapd.5.xml:67 +#, fuzzy +#| msgid "Configuration" +msgid "Configuration attributes" +msgstr "Ҷӯрсозӣ" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sss_rpcidmapd.5.xml:69 +msgid "memcache (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sss_rpcidmapd.5.xml:72 +msgid "Indicates whether or not to use memcache optimisation technique." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:85 +msgid "SSSD INTEGRATION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:87 +msgid "" +"The sss plugin requires the <emphasis>NSS Responder</emphasis> to be enabled " +"in sssd." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:91 +msgid "" +"The attribute <quote>use_fully_qualified_names</quote> must be enabled on " +"all domains (NFSv4 clients expect a fully qualified name to be sent on the " +"wire)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_rpcidmapd.5.xml:103 +#, no-wrap +msgid "" +"[General]\n" +"Verbosity = 2\n" +"# domain must be synced between NFSv4 server and clients\n" +"# Solaris/Illumos/AIX use \"localdomain\" as default!\n" +"Domain = default\n" +"\n" +"[Mapping]\n" +"Nobody-User = nfsnobody\n" +"Nobody-Group = nfsnobody\n" +"\n" +"[Translation]\n" +"Method = sss\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:100 +msgid "" +"The following example shows a minimal idmapd.conf which makes use of the sss " +"plugin. <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <refsect1><title> +#: sss_rpcidmapd.5.xml:120 include/seealso.xml:2 +msgid "SEE ALSO" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:122 +msgid "" +"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>idmapd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>" +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 msgid "sss_ssh_authorizedkeys" @@ -9165,11 +9810,6 @@ msgid "" "local LDB storage to store users and groups." msgstr "" -#. type: Content of: <refsect1><title> -#: include/seealso.xml:2 -msgid "SEE ALSO" -msgstr "" - #. type: Content of: <refsect1><para> #: include/seealso.xml:4 msgid "" @@ -9210,7 +9850,9 @@ msgid "" "manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> " "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>. <citerefentry> " +"<refentrytitle>sss_rpcidmapd</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>" msgstr "" #. type: Content of: <listitem><para> diff --git a/src/man/po/uk.po b/src/man/po/uk.po index a9d40c789..540162f96 100644 --- a/src/man/po/uk.po +++ b/src/man/po/uk.po @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2014-07-09 19:18+0300\n" +"POT-Creation-Date: 2014-09-08 20:55+0300\n" "PO-Revision-Date: 2014-06-23 16:22+0000\n" "Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n" "Language-Team: Ukrainian (http://www.transifex.com/projects/p/sssd/language/" @@ -29,8 +29,8 @@ msgstr "" #: sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 #: sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 #: sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5 -#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_ssh_authorizedkeys.1.xml:5 -#: sss_ssh_knownhostsproxy.1.xml:5 +#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_rpcidmapd.5.xml:5 +#: sss_ssh_authorizedkeys.1.xml:5 sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" msgstr "Сторінки підручника SSSD" @@ -140,14 +140,14 @@ msgstr "sssd.conf" #. type: Content of: <reference><refentry><refmeta><manvolnum> #: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 #: sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11 -#: sssd-ifp.5.xml:11 +#: sssd-ifp.5.xml:11 sss_rpcidmapd.5.xml:27 msgid "5" msgstr "5" #. type: Content of: <reference><refentry><refmeta><refmiscinfo> #: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 #: sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12 -#: sssd-ifp.5.xml:12 +#: sssd-ifp.5.xml:12 sss_rpcidmapd.5.xml:28 msgid "File Formats and Conventions" msgstr "Формати файлів та правила" @@ -259,11 +259,11 @@ msgid "Add a timestamp to the debug messages" msgstr "Додати часову позначку до діагностичних повідомлень." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:79 sssd.conf.5.xml:511 sssd.conf.5.xml:873 -#: sssd-ldap.5.xml:1637 sssd-ldap.5.xml:1734 sssd-ldap.5.xml:1796 -#: sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2320 sssd-ldap.5.xml:2338 +#: sssd.conf.5.xml:79 sssd.conf.5.xml:554 sssd.conf.5.xml:916 +#: sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1756 +#: sssd-ldap.5.xml:2242 sssd-ldap.5.xml:2307 sssd-ldap.5.xml:2325 #: sssd-ipa.5.xml:356 sssd-ipa.5.xml:391 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:339 sssd-ad.5.xml:428 sssd-krb5.5.xml:490 +#: sssd-ad.5.xml:684 sssd-ad.5.xml:773 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "Типове значення: true" @@ -279,16 +279,16 @@ msgstr "" "Додати значення мікросекунд до часової позначки у діагностичних повідомленнях" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:90 sssd.conf.5.xml:827 sssd.conf.5.xml:1845 -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:1511 sssd-ldap.5.xml:1530 -#: sssd-ldap.5.xml:1706 sssd-ldap.5.xml:2042 sssd-ipa.5.xml:139 +#: sssd.conf.5.xml:90 sssd.conf.5.xml:870 sssd.conf.5.xml:1933 +#: sssd-ldap.5.xml:678 sssd-ldap.5.xml:1471 sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1666 sssd-ldap.5.xml:2029 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:503 sssd-krb5.5.xml:257 #: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" msgstr "Типове значення: false" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2063 +#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2050 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -312,7 +312,7 @@ msgstr "" "перевірки працездатності процесу та його змоги відповідати на запити." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1382 +#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1342 msgid "Default: 10" msgstr "Типове значення: 10" @@ -327,7 +327,7 @@ msgid "The [sssd] section" msgstr "Розділ [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:2017 msgid "Section parameters" msgstr "Параметри розділу" @@ -372,12 +372,12 @@ msgstr "" "\">, pac</phrase> <phrase condition=\"with_ifp\">, ifp</phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:161 sssd.conf.5.xml:345 +#: sssd.conf.5.xml:161 sssd.conf.5.xml:370 msgid "reconnection_retries (integer)" msgstr "reconnection_retries (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:164 sssd.conf.5.xml:348 +#: sssd.conf.5.xml:164 sssd.conf.5.xml:373 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" @@ -387,7 +387,7 @@ msgstr "" "визнання подальших спроб безнадійними." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:353 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:378 msgid "Default: 3" msgstr "Типове значення: 3" @@ -413,7 +413,7 @@ msgstr "" "ASCII, дефісів та знаків підкреслювання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 sssd.conf.5.xml:1658 +#: sssd.conf.5.xml:189 sssd.conf.5.xml:1719 msgid "re_expression (string)" msgstr "re_expression (рядок)" @@ -439,12 +439,12 @@ msgstr "" "ДОМЕНІВ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:206 sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:206 sssd.conf.5.xml:1770 msgid "full_name_format (string)" msgstr "full_name_format (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:209 sssd.conf.5.xml:1773 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -456,32 +456,32 @@ msgstr "" "домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:220 sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:220 sssd.conf.5.xml:1784 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:221 sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:221 sssd.conf.5.xml:1785 msgid "user name" msgstr "ім’я користувача" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:224 sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:224 sssd.conf.5.xml:1788 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:227 sssd.conf.5.xml:1730 +#: sssd.conf.5.xml:227 sssd.conf.5.xml:1791 msgid "domain name as specified in the SSSD config file." msgstr "назва домену у форматі, вказаному у файлі налаштувань SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:233 sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:233 sssd.conf.5.xml:1797 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:236 sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:236 sssd.conf.5.xml:1800 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -490,7 +490,7 @@ msgstr "" "Directory, налаштованих та автоматично виявлених за зв’язками довіри IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:217 sssd.conf.5.xml:1781 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -619,12 +619,46 @@ msgstr "" "користувач@назва.домену, для входу до системи." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:319 sssd-ldap.5.xml:662 sssd-ldap.5.xml:1470 -#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1564 sssd-krb5.5.xml:401 -#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214 +#: sssd.conf.5.xml:319 sssd-ldap.5.xml:649 sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1442 sssd-ldap.5.xml:1524 sssd-ad.5.xml:532 +#: sssd-ad.5.xml:597 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203 +#: include/ldap_id_mapping.xml:214 msgid "Default: not set" msgstr "Типове значення: not set" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:324 +#, fuzzy +#| msgid "override_shell (string)" +msgid "override_space (string)" +msgstr "override_shell (рядок)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:327 +msgid "" +"This parameter will replace spaces (space bar) with the given character for " +"user and group names. e.g. (_). User name "john doe" will be " +""john_doe" This feature was added to help compatibility with shell " +"scripts that have difficulty handling spaces, due to the default field " +"separator in the shell." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:336 +msgid "" +"Please note it is a configuration error to use a replacement character that " +"might be used in user or group names. If a name contains the replacement " +"character SSSD tries to return the unmodified name but in general the result " +"of a lookup is undefined." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:344 +#, fuzzy +#| msgid "Default: not set, i.e. FAST is not used." +msgid "Default: not set (spaces will not be replaced)" +msgstr "Типове значення: не встановлено, тобто FAST не використовується." + #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:126 msgid "" @@ -642,12 +676,12 @@ msgstr "" "профілів. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:355 msgid "SERVICES SECTIONS" msgstr "РОЗДІЛИ СЛУЖБ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:332 +#: sssd.conf.5.xml:357 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -660,22 +694,22 @@ msgstr "" "у розділі <quote>[nss]</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:364 msgid "General service configuration options" msgstr "Загальні параметри налаштування служб" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:341 +#: sssd.conf.5.xml:366 msgid "These options can be used to configure any service." msgstr "Цими параметрами можна скористатися для налаштування будь-яких служб." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:383 msgid "fd_limit" msgstr "fd_limit" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:361 +#: sssd.conf.5.xml:386 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -691,17 +725,17 @@ msgstr "" "цього параметра і обмеженням \"hard\" у limits.conf." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:370 +#: sssd.conf.5.xml:395 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "Типове значення: 8192 (або обмеження у limits.conf \"hard\")" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:375 +#: sssd.conf.5.xml:400 msgid "client_idle_timeout" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:378 +#: sssd.conf.5.xml:403 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -713,19 +747,19 @@ msgstr "" "вичерпання ресурсів системи." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:385 sssd.conf.5.xml:401 sssd.conf.5.xml:415 -#: sssd.conf.5.xml:632 sssd.conf.5.xml:792 sssd.conf.5.xml:1068 -#: sssd-ldap.5.xml:1212 +#: sssd.conf.5.xml:410 sssd.conf.5.xml:426 sssd.conf.5.xml:458 +#: sssd.conf.5.xml:675 sssd.conf.5.xml:835 sssd.conf.5.xml:1111 +#: sssd-ldap.5.xml:1172 msgid "Default: 60" msgstr "Типове значення: 60" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:415 sssd.conf.5.xml:1100 msgid "force_timeout (integer)" msgstr "force_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:393 sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1103 msgid "" "If a service is not responding to ping checks (see the <quote>timeout</" "quote> option), it is first sent the SIGTERM signal that instructs it to " @@ -741,29 +775,52 @@ msgstr "" "сигналу SIGKILL." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 +#: sssd.conf.5.xml:431 msgid "offline_timeout (integer)" msgstr "offline_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:409 +#: sssd.conf.5.xml:434 +msgid "" +"When SSSD switches to offline mode the amount of time before it tries to go " +"back online will increase based upon the time spent disconnected. This " +"value is in seconds and calculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:441 +#, fuzzy +#| msgid "offline_timeout (integer)" +msgid "offline_timeout + random_offset" +msgstr "offline_timeout (ціле число)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:444 +msgid "" +"The random offset can increment up to 30 seconds. After each unsuccessful " +"attempt to go online, the new interval is recalculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:449 +msgid "new_interval = old_interval*2 + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:452 msgid "" -"If SSSD is in offline mode, and last attempt to go online was less than " -"number of seconds specified in this option ago, new requests for data will " -"not result in attempt to go online." +"Note that the maximum length of each interval is currently limited to one " +"hour. If the calculated length of new_interval is greater than an hour, it " +"will be forced to one hour." msgstr "" -"Якщо SSSD працює у автономному режимі і остання спроба встановити зв’язок з " -"мережею виконувалася менше ніж за вказану кількість секунд тому, нові запити " -"щодо отримання даних не призводитимуть до спроб встановити з’єднання з " -"мережею." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:467 msgid "NSS configuration options" msgstr "Параметри налаштування NSS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:426 +#: sssd.conf.5.xml:469 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" @@ -771,12 +828,12 @@ msgstr "" "Switch (NSS або перемикання служби визначення назв)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:431 +#: sssd.conf.5.xml:474 msgid "enum_cache_timeout (integer)" msgstr "enum_cache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:434 +#: sssd.conf.5.xml:477 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" @@ -785,17 +842,17 @@ msgstr "" "кеші nss_sss у секундах" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:481 msgid "Default: 120" msgstr "Типове значення: 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:443 +#: sssd.conf.5.xml:486 msgid "entry_cache_nowait_percentage (integer)" msgstr "entry_cache_nowait_percentage (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:446 +#: sssd.conf.5.xml:489 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -806,7 +863,7 @@ msgstr "" "entry_cache_timeout для домену період часу." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:452 +#: sssd.conf.5.xml:495 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -821,7 +878,7 @@ msgstr "" "розблокування після оновлення кешу." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:462 +#: sssd.conf.5.xml:505 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -835,17 +892,17 @@ msgstr "" "можливість." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:470 +#: sssd.conf.5.xml:513 msgid "Default: 50" msgstr "Типове значення: 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:518 msgid "entry_negative_timeout (integer)" msgstr "entry_negative_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:478 +#: sssd.conf.5.xml:521 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -856,17 +913,17 @@ msgstr "" "даних, зокрема неіснуючих) перед повторним запитом до сервера обробки." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:484 sssd.conf.5.xml:851 +#: sssd.conf.5.xml:527 sssd.conf.5.xml:894 msgid "Default: 15" msgstr "Типове значення: 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:489 +#: sssd.conf.5.xml:532 msgid "filter_users, filter_groups (string)" msgstr "filter_users, filter_groups (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:492 +#: sssd.conf.5.xml:535 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set per-" @@ -880,17 +937,17 @@ msgstr "" "списку користувачами лише з певного домену." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:499 +#: sssd.conf.5.xml:542 msgid "Default: root" msgstr "Типове значення: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:504 +#: sssd.conf.5.xml:547 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:507 +#: sssd.conf.5.xml:550 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -898,12 +955,12 @@ msgstr "" "встановіть для цього параметра значення «false»." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:561 msgid "fallback_homedir (string)" msgstr "fallback_homedir (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:521 +#: sssd.conf.5.xml:564 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -912,7 +969,7 @@ msgstr "" "каталог не вказано явним чином засобом надання даних домену." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:569 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -920,7 +977,7 @@ msgstr "" "для параметра override_homedir." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:532 +#: sssd.conf.5.xml:575 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -930,24 +987,24 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:530 include/override_homedir.xml:51 +#: sssd.conf.5.xml:573 include/override_homedir.xml:51 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "приклад: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:579 msgid "Default: not set (no substitution for unset home directories)" msgstr "" "Типове значення: не встановлено (без замін для невстановлених домашніх " "каталогів)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:542 +#: sssd.conf.5.xml:585 msgid "override_shell (string)" msgstr "override_shell (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:545 +#: sssd.conf.5.xml:588 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -959,19 +1016,19 @@ msgstr "" "або для кожного з доменів окремо." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 +#: sssd.conf.5.xml:594 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" "Типове значення: не встановлено (SSSD використовуватиме значення, отримане " "від LDAP)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:557 +#: sssd.conf.5.xml:600 msgid "allowed_shells (string)" msgstr "allowed_shells (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:560 +#: sssd.conf.5.xml:603 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -979,13 +1036,13 @@ msgstr "" "визначення оболонки є таким:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:563 +#: sssd.conf.5.xml:606 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" "1. Якщо оболонку вказано у <quote>/etc/shells</quote>, її буде використано." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:567 +#: sssd.conf.5.xml:610 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." @@ -995,7 +1052,7 @@ msgstr "" "shell_fallback." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:572 +#: sssd.conf.5.xml:615 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." @@ -1004,12 +1061,12 @@ msgstr "" "<quote>/etc/shells</quote>, буде використано оболонку nologin." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:577 +#: sssd.conf.5.xml:620 msgid "An empty string for shell is passed as-is to libc." msgstr "Порожній рядок оболонки буде передано без обробки до libc." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:580 +#: sssd.conf.5.xml:623 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." @@ -1018,29 +1075,29 @@ msgstr "" "тобто у разі встановлення нової оболонки слід перезапустити SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:627 msgid "Default: Not set. The user shell is automatically used." msgstr "" "Типове значення: не встановлено. Автоматично використовується оболонка " "користувача." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:589 +#: sssd.conf.5.xml:632 msgid "vetoed_shells (string)" msgstr "vetoed_shells (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:592 +#: sssd.conf.5.xml:635 msgid "Replace any instance of these shells with the shell_fallback" msgstr "Замінити всі записи цих оболонок на shell_fallback" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:597 +#: sssd.conf.5.xml:640 msgid "shell_fallback (string)" msgstr "shell_fallback (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:643 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" @@ -1048,17 +1105,17 @@ msgstr "" "системі не встановлено." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:604 +#: sssd.conf.5.xml:647 msgid "Default: /bin/sh" msgstr "Типове значення: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:652 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:655 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." @@ -1068,7 +1125,7 @@ msgstr "" "або на загальному рівні у розділі [nss], або окремо для кожного з доменів." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:618 +#: sssd.conf.5.xml:661 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" @@ -1078,12 +1135,12 @@ msgstr "" "зазвичай /bin/sh)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:625 sssd.conf.5.xml:785 +#: sssd.conf.5.xml:668 sssd.conf.5.xml:828 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 sssd.conf.5.xml:788 +#: sssd.conf.5.xml:671 sssd.conf.5.xml:831 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1092,12 +1149,12 @@ msgstr "" "чинним." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:637 +#: sssd.conf.5.xml:680 msgid "memcache_timeout (int)" msgstr "memcache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:640 +#: sssd.conf.5.xml:683 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" @@ -1106,17 +1163,17 @@ msgstr "" "чинним." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 sssd-ldap.5.xml:702 +#: sssd.conf.5.xml:687 sssd-ldap.5.xml:692 msgid "Default: 300" msgstr "Типове значення: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:651 +#: sssd.conf.5.xml:694 msgid "PAM configuration options" msgstr "Параметри налаштування PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:653 +#: sssd.conf.5.xml:696 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1125,12 +1182,12 @@ msgstr "" "Authentication Module (PAM або блокового модуля розпізнавання)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:701 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:704 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1140,17 +1197,17 @@ msgstr "" "входу до системи)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 sssd.conf.5.xml:679 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:722 msgid "Default: 0 (No limit)" msgstr "Типове значення: 0 (без обмежень)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:672 +#: sssd.conf.5.xml:715 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:675 +#: sssd.conf.5.xml:718 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1159,12 +1216,12 @@ msgstr "" "дозволену кількість спроб входу з визначенням помилкового пароля." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:685 +#: sssd.conf.5.xml:728 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:688 +#: sssd.conf.5.xml:731 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1174,7 +1231,7 @@ msgstr "" "системи." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:693 +#: sssd.conf.5.xml:736 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1186,17 +1243,17 @@ msgstr "" "увімкнути можливість автономного розпізнавання." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 sssd.conf.5.xml:752 +#: sssd.conf.5.xml:742 sssd.conf.5.xml:795 msgid "Default: 5" msgstr "Типове значення: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:705 +#: sssd.conf.5.xml:748 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:751 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1205,43 +1262,43 @@ msgstr "" "розпізнавання. Чим більшим є значення, тим більше повідомлень буде показано." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:713 +#: sssd.conf.5.xml:756 msgid "Currently sssd supports the following values:" msgstr "У поточній версії sssd передбачено підтримку таких значень:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:716 +#: sssd.conf.5.xml:759 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: не показувати жодних повідомлень" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:719 +#: sssd.conf.5.xml:762 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: показувати лише важливі повідомлення" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:723 +#: sssd.conf.5.xml:766 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: показувати всі інформаційні повідомлення" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:769 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: показувати всі повідомлення та діагностичні дані" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:730 sssd.8.xml:63 +#: sssd.conf.5.xml:773 sssd.8.xml:63 msgid "Default: 1" msgstr "Типове значення: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:735 +#: sssd.conf.5.xml:778 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:738 +#: sssd.conf.5.xml:781 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1252,7 +1309,7 @@ msgstr "" "що розпізнавання виконується на основі найсвіжіших даних." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:744 +#: sssd.conf.5.xml:787 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1266,18 +1323,18 @@ msgstr "" "надання даних профілів." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:758 +#: sssd.conf.5.xml:801 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:761 sssd.conf.5.xml:1235 +#: sssd.conf.5.xml:804 sssd.conf.5.xml:1292 msgid "Display a warning N days before the password expires." msgstr "" "Показати попередження за вказану кількість днів перед завершенням дії пароля." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:807 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1288,7 +1345,7 @@ msgstr "" "попередження." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 sssd.conf.5.xml:1238 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1295 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1298,7 +1355,7 @@ msgstr "" "буде автоматично показано." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:818 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." @@ -1307,17 +1364,17 @@ msgstr "" "<emphasis>pwd_expiration_warning</emphasis> для окремого домену." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 sssd.8.xml:79 +#: sssd.conf.5.xml:823 sssd.8.xml:79 msgid "Default: 0" msgstr "Типове значення: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:800 +#: sssd.conf.5.xml:843 msgid "SUDO configuration options" msgstr "Параметри налаштування SUDO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:845 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1335,12 +1392,12 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:862 msgid "sudo_timed (bool)" msgstr "sudo_timed (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:822 +#: sssd.conf.5.xml:865 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -1349,22 +1406,22 @@ msgstr "" "призначені для визначення часових обмежень для записів sudoers." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:878 msgid "AUTOFS configuration options" msgstr "Параметри налаштування AUTOFS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:880 msgid "These options can be used to configure the autofs service." msgstr "Цими параметрами можна скористатися для налаштування служби autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:884 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:887 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1375,22 +1432,22 @@ msgstr "" "базі даних, зокрема неіснуючих) перед повторним запитом до сервера обробки." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:903 msgid "SSH configuration options" msgstr "Параметри налаштувань SSH" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:862 +#: sssd.conf.5.xml:905 msgid "These options can be used to configure the SSH service." msgstr "Цими параметрами можна скористатися для налаштування служби SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:866 +#: sssd.conf.5.xml:909 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:869 +#: sssd.conf.5.xml:912 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -1398,12 +1455,12 @@ msgstr "" "Чи слід хешувати назви та адреси вузлів у керованому файлі known_hosts." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:921 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:881 +#: sssd.conf.5.xml:924 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -1412,17 +1469,17 @@ msgstr "" "файлі known_hosts після надсилання запиту щодо ключів вузла." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:928 msgid "Default: 180" msgstr "Типове значення: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:893 +#: sssd.conf.5.xml:936 msgid "PAC responder configuration options" msgstr "Параметри налаштування відповідача PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:938 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1441,7 +1498,7 @@ msgstr "" "декодовано і визначено, виконуються деякі з таких дій:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:904 +#: sssd.conf.5.xml:947 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1459,7 +1516,7 @@ msgstr "" "параметра default_shell." #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:955 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." @@ -1468,18 +1525,18 @@ msgstr "" "додано до цих груп." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:961 msgid "These options can be used to configure the PAC responder." msgstr "" "Цими параметрами можна скористатися для налаштовування відповідача PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:922 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:965 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:968 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1490,14 +1547,14 @@ msgstr "" "іменами користувачів визначатимуться під час запуску." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:974 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Типове значення: 0 (доступ до відповідача PAC має лише адміністративний " "користувач (root))" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:978 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1511,17 +1568,17 @@ msgstr "" "запис 0." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:949 +#: sssd.conf.5.xml:992 msgid "DOMAIN SECTIONS" msgstr "РОЗДІЛИ ДОМЕНІВ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:999 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (ціле значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:1002 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -1530,7 +1587,7 @@ msgstr "" "відповідає цим обмеженням, його буде проігноровано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 +#: sssd.conf.5.xml:1007 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1543,7 +1600,7 @@ msgstr "" "основної групи і належать діапазону, буде виведено у звичайному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1014 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." @@ -1552,17 +1609,17 @@ msgstr "" "лише повернення записів за назвою або ідентифікатором." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:1018 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Типові значення: 1 для min_id, 0 (без обмежень) для max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:981 +#: sssd.conf.5.xml:1024 msgid "enumerate (bool)" msgstr "enumerate (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:984 +#: sssd.conf.5.xml:1027 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" @@ -1571,23 +1628,23 @@ msgstr "" "значень:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:988 +#: sssd.conf.5.xml:1031 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = користувачі і групи нумеруються" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 +#: sssd.conf.5.xml:1034 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = не використовувати нумерацію для цього домену" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 sssd.conf.5.xml:1212 sssd.conf.5.xml:1321 -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1037 sssd.conf.5.xml:1269 sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1395 msgid "Default: FALSE" msgstr "Типове значення: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1040 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1606,7 +1663,7 @@ msgstr "" "повторне визначення параметрів участі також іноді є складним завданням." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1053 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -1616,7 +1673,7 @@ msgstr "" "завершено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1015 +#: sssd.conf.5.xml:1058 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1630,7 +1687,7 @@ msgstr "" "відповідного використаного засобу обробки ідентифікаторів (id_provider)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1023 +#: sssd.conf.5.xml:1066 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -1639,32 +1696,32 @@ msgstr "" "об’ємних середовищах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1074 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1081 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1082 msgid "All discovered trusted domains will be enumerated" msgstr "Усі виявлені надійні домени буде пронумеровано" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1085 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1086 msgid "No discovered trusted domains will be enumerated" msgstr "Нумерація виявлених надійних доменів не виконуватиметься" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1077 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -1677,17 +1734,17 @@ msgstr "" "доменів, для яких буде увімкнено нумерацію." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd-ldap.5.xml:1765 +#: sssd.conf.5.xml:1094 sssd-ldap.5.xml:1725 msgid "Default: none" msgstr "Типове значення: none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1117 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1077 +#: sssd.conf.5.xml:1120 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -1696,7 +1753,7 @@ msgstr "" "надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1124 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -1713,17 +1770,17 @@ msgstr "" "<manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1094 +#: sssd.conf.5.xml:1137 msgid "Default: 5400" msgstr "Типове значення: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1100 +#: sssd.conf.5.xml:1143 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1103 +#: sssd.conf.5.xml:1146 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -1732,18 +1789,19 @@ msgstr "" "чинними, перш ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 sssd.conf.5.xml:1120 sssd.conf.5.xml:1133 -#: sssd.conf.5.xml:1146 sssd.conf.5.xml:1159 sssd.conf.5.xml:1173 +#: sssd.conf.5.xml:1150 sssd.conf.5.xml:1163 sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1202 sssd.conf.5.xml:1216 +#: sssd.conf.5.xml:1230 msgid "Default: entry_cache_timeout" msgstr "Типове значення: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1156 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1116 +#: sssd.conf.5.xml:1159 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -1752,12 +1810,12 @@ msgstr "" "ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1169 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1172 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -1766,12 +1824,12 @@ msgstr "" "чинними, перш ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1182 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1142 +#: sssd.conf.5.xml:1185 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -1780,12 +1838,12 @@ msgstr "" "ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1195 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1198 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -1794,12 +1852,12 @@ msgstr "" "надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1208 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1211 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -1808,12 +1866,32 @@ msgstr "" "чинними, перш ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1222 +#, fuzzy +#| msgid "entry_cache_sudo_timeout (integer)" +msgid "entry_cache_ssh_host_timeout (integer)" +msgstr "entry_cache_sudo_timeout (ціле число)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1225 +#, fuzzy +#| msgid "" +#| "How many seconds to keep a host in the managed known_hosts file after its " +#| "host keys were requested." +msgid "" +"How many seconds to keep a host ssh key after refresh. IE how long to cache " +"the host key for." +msgstr "" +"Кількість секунд, протягом яких запису вузла зберігатиметься у керованому " +"файлі known_hosts після надсилання запиту щодо ключів вузла." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1236 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1239 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." @@ -1823,49 +1901,49 @@ msgstr "" "вичерпано або майже вичерпано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1187 +#: sssd.conf.5.xml:1244 msgid "Currently only refreshing expired netgroups is supported." msgstr "" "У поточній версії передбачено оновлення лише застарілих записів мережевих " "груп." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1248 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" "Варто визначити для цього параметра значення 3/4 * entry_cache_timeout." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1195 sssd-ipa.5.xml:221 +#: sssd.conf.5.xml:1252 sssd-ipa.5.xml:221 msgid "Default: 0 (disabled)" msgstr "Типове значення: 0 (вимкнено)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1201 +#: sssd.conf.5.xml:1258 msgid "cache_credentials (bool)" msgstr "cache_credentials (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1261 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Визначає, чи слід також кешувати реєстраційні дані користувача у локальному " "кеші LDB" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1208 +#: sssd.conf.5.xml:1265 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Реєстраційні дані користувача зберігаються у форматі хешу SHA512, а не у " "форматі звичайного тексту" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1217 +#: sssd.conf.5.xml:1274 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1220 +#: sssd.conf.5.xml:1277 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1878,17 +1956,17 @@ msgstr "" "offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1284 msgid "Default: 0 (unlimited)" msgstr "Типове значення: 0 (без обмежень)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1232 +#: sssd.conf.5.xml:1289 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1243 +#: sssd.conf.5.xml:1300 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1901,17 +1979,17 @@ msgstr "" "даних розпізнавання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1307 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Типове значення: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1256 +#: sssd.conf.5.xml:1313 msgid "id_provider (string)" msgstr "id_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1259 +#: sssd.conf.5.xml:1316 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -1919,17 +1997,17 @@ msgstr "" "Серед підтримуваних засобів такі:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1320 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "«proxy»: підтримка застарілого модуля надання даних NSS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:1441 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "<quote>local</quote>: вбудований засіб SSSD для локальних користувачів" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 +#: sssd.conf.5.xml:1327 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1940,8 +2018,8 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 sssd.conf.5.xml:1364 sssd.conf.5.xml:1415 -#: sssd.conf.5.xml:1468 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1421 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1529 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1954,8 +2032,8 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1373 sssd.conf.5.xml:1424 -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1344 sssd.conf.5.xml:1430 sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1538 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1967,12 +2045,12 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1355 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1301 +#: sssd.conf.5.xml:1358 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -1982,7 +2060,7 @@ msgstr "" "NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1363 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1995,7 +2073,7 @@ msgstr "" "не покаже користувача, а <command>getent passwd test@LOCAL</command> покаже." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1371 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2006,17 +2084,17 @@ msgstr "" "груп, якщо задано неповну назву, буде виконано пошук у всіх доменах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1326 +#: sssd.conf.5.xml:1383 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1329 +#: sssd.conf.5.xml:1386 msgid "Do not return group members for group lookups." msgstr "Не повертати записи учасників груп для пошуків груп." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1332 +#: sssd.conf.5.xml:1389 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2027,12 +2105,12 @@ msgstr "" "обробки запитів щодо пошуку груп." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1343 +#: sssd.conf.5.xml:1400 msgid "auth_provider (string)" msgstr "auth_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1346 +#: sssd.conf.5.xml:1403 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -2041,7 +2119,7 @@ msgstr "" "служб розпізнавання:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1469 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2053,7 +2131,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1414 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2065,18 +2143,18 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1438 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "<quote>proxy</quote> — трансльоване розпізнавання у іншій системі PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1445 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> — вимкнути розпізнавання повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1387 +#: sssd.conf.5.xml:1448 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -2085,12 +2163,12 @@ msgstr "" "спосіб встановлено і можлива обробка запитів щодо розпізнавання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1393 +#: sssd.conf.5.xml:1454 msgid "access_provider (string)" msgstr "access_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1396 +#: sssd.conf.5.xml:1457 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2101,7 +2179,7 @@ msgstr "" "Вбудованими програмами є:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1463 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -2110,12 +2188,12 @@ msgstr "" "доступу для локального домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1466 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> — завжди забороняти доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1493 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2128,17 +2206,17 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1439 +#: sssd.conf.5.xml:1500 msgid "Default: <quote>permit</quote>" msgstr "Типове значення: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1444 +#: sssd.conf.5.xml:1505 msgid "chpass_provider (string)" msgstr "chpass_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1508 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -2147,7 +2225,7 @@ msgstr "" "підтримку таких систем зміни паролів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1452 +#: sssd.conf.5.xml:1513 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2159,7 +2237,7 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1521 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2171,18 +2249,18 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1546 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "<quote>proxy</quote> — трансльована зміна пароля у іншій системі PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1550 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> — явно вимкнути можливість зміни пароля." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1553 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -2191,19 +2269,19 @@ msgstr "" "цього параметра і якщо система здатна обробляти запити щодо паролів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1560 msgid "sudo_provider (string)" msgstr "sudo_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1563 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "Служба SUDO, яку використано для цього домену. Серед підтримуваних служб " "SUDO:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1506 +#: sssd.conf.5.xml:1567 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2215,7 +2293,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1514 +#: sssd.conf.5.xml:1575 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." @@ -2224,7 +2302,7 @@ msgstr "" "параметрами IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1579 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." @@ -2233,20 +2311,20 @@ msgstr "" "параметрами AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1522 +#: sssd.conf.5.xml:1583 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> явним чином вимикає SUDO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1525 sssd.conf.5.xml:1594 sssd.conf.5.xml:1626 -#: sssd.conf.5.xml:1651 +#: sssd.conf.5.xml:1586 sssd.conf.5.xml:1655 sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1712 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Типове значення: використовується значення <quote>id_provider</quote>, якщо " "його встановлено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1590 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2265,12 +2343,12 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1607 msgid "selinux_provider (string)" msgstr "selinux_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1610 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2281,7 +2359,7 @@ msgstr "" "доступу. Передбачено підтримку таких засобів надання даних SELinux:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1555 +#: sssd.conf.5.xml:1616 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2293,14 +2371,14 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1624 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" "<quote>none</quote> явним чином забороняє отримання даних щодо параметрів " "SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1566 +#: sssd.conf.5.xml:1627 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -2309,12 +2387,12 @@ msgstr "" "спосіб встановлено і можлива обробка запитів щодо завантаження SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1633 msgid "subdomains_provider (string)" msgstr "subdomains_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1636 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -2324,7 +2402,7 @@ msgstr "" "підтримку таких засобів надання даних піддоменів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1581 +#: sssd.conf.5.xml:1642 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2336,17 +2414,17 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1651 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "<quote>none</quote> забороняє ячним чином отримання даних піддоменів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 +#: sssd.conf.5.xml:1662 msgid "autofs_provider (string)" msgstr "autofs_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 +#: sssd.conf.5.xml:1665 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -2354,7 +2432,7 @@ msgstr "" "autofs:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1669 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2366,7 +2444,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1615 +#: sssd.conf.5.xml:1676 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2378,17 +2456,17 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 +#: sssd.conf.5.xml:1684 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> вимикає autofs повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1694 msgid "hostid_provider (string)" msgstr "hostid_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1697 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -2397,7 +2475,7 @@ msgstr "" "вузла. Серед підтримуваних засобів надання hostid:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1640 +#: sssd.conf.5.xml:1701 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2409,12 +2487,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1709 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> вимикає hostid повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 +#: sssd.conf.5.xml:1722 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -2428,7 +2506,7 @@ msgstr "" "IPA та доменів Active Directory, простій назві (NetBIOS) домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1731 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -2441,22 +2519,22 @@ msgstr "" "різні стилі запису імен користувачів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1736 msgid "username" msgstr "користувач" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1739 msgid "username@domain.name" msgstr "користувач@назва.домену" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1681 +#: sssd.conf.5.xml:1742 msgid "domain\\username" msgstr "домен\\користувач" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1745 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -2465,7 +2543,7 @@ msgstr "" "того, щоб полегшити інтеграцію користувачів з доменів Windows." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1750 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -2476,7 +2554,7 @@ msgstr "" "домену — все після цього символу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1695 +#: sssd.conf.5.xml:1756 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -2488,7 +2566,7 @@ msgstr "" "платформах з версією libpcre 7." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1763 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." @@ -2498,17 +2576,17 @@ msgstr "" "підшаблонів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1749 +#: sssd.conf.5.xml:1810 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Типове значення: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1816 msgid "lookup_family_order (string)" msgstr "lookup_family_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1819 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -2517,48 +2595,48 @@ msgstr "" "під час виконання пошуків у DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1762 +#: sssd.conf.5.xml:1823 msgid "Supported values:" msgstr "Передбачено підтримку таких значень:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1826 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first: спробувати визначити адресу у форматі IPv4, у разі невдачі " "спробувати формат IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1829 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only: намагатися визначити назви вузлів лише у форматі адрес IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1832 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first: спробувати визначити адресу у форматі IPv6, у разі невдачі " "спробувати формат IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1835 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only: намагатися визначити назви вузлів лише у форматі адрес IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1838 msgid "Default: ipv4_first" msgstr "Типове значення: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1844 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1847 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -2569,18 +2647,18 @@ msgstr "" "очікування буде перевищено, домен продовжуватиме роботу у автономному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1792 sssd-ldap.5.xml:1196 sssd-ldap.5.xml:1238 -#: sssd-ldap.5.xml:1253 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1853 sssd-ldap.5.xml:1156 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1213 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "Типове значення: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1859 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1801 +#: sssd.conf.5.xml:1862 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -2589,47 +2667,88 @@ msgstr "" "частину запиту визначення служб DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1866 msgid "Default: Use the domain part of machine's hostname" msgstr "" "Типова поведінка: використовувати назву домену з назви вузла комп’ютера." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1811 +#: sssd.conf.5.xml:1872 msgid "override_gid (integer)" msgstr "override_gid (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1875 msgid "Override the primary GID value with the one specified." msgstr "Замірити значення основного GID на вказане." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1820 -msgid "case_sensitive (boolean)" +#: sssd.conf.5.xml:1881 +#, fuzzy +#| msgid "case_sensitive (boolean)" +msgid "case_sensitive (string)" msgstr "case_sensitive (булеве значення)" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1889 +msgid "True" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1892 +msgid "Case sensitive. This value is invalid for AD provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1898 +msgid "False" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1900 +msgid "Case insensitive." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1904 +msgid "Preserving" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1907 +msgid "" +"Same as False (case insensitive), but does not lowercase names in the output " +"of getpwnam and getgrnam." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1884 +#, fuzzy +#| msgid "" +#| "Treat user and group names as case sensitive. At the moment, this option " +#| "is not supported in the local provider." msgid "" "Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." +"not supported in the local provider. Possible option values are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" "Враховувати регістр записів імен користувачів та назв груп. У поточній " "версії підтримку передбачено лише для локальних надавачів даних." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1828 sssd-ldap.5.xml:1020 sssd-ad.5.xml:397 -msgid "Default: True" -msgstr "Типове значення: True" +#: sssd.conf.5.xml:1916 +#, fuzzy +#| msgid "Default: false (AD provider: true)" +msgid "Default: True (False for AD provider)" +msgstr "Типове значення: false (надається AD: true)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1922 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 +#: sssd.conf.5.xml:1925 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -2644,22 +2763,22 @@ msgstr "" "у кеші, щоб пришвидшити надання результатів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1851 +#: sssd.conf.5.xml:1939 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1950 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1951 msgid "flat (NetBIOS) name of a subdomain." msgstr "спрощена (NetBIOS) назва піддомену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1854 +#: sssd.conf.5.xml:1942 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -2674,7 +2793,7 @@ msgstr "" "emphasis>. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1956 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -2682,17 +2801,17 @@ msgstr "" "emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1960 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Типове значення: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1877 +#: sssd.conf.5.xml:1965 msgid "realmd_tags (string)" msgstr "realmd_tags (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1880 +#: sssd.conf.5.xml:1968 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" @@ -2700,7 +2819,7 @@ msgstr "" "домену." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:994 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2711,17 +2830,17 @@ msgstr "" "quote> <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1893 +#: sssd.conf.5.xml:1981 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1896 +#: sssd.conf.5.xml:1984 msgid "The proxy target PAM proxies to." msgstr "Комп’ютер, для якого виконує проксі-сервер PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1899 +#: sssd.conf.5.xml:1987 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -2730,12 +2849,12 @@ msgstr "" "налаштуваннями pam або створити нові і тут додати назву служби." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1995 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1998 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2746,7 +2865,7 @@ msgstr "" "наприклад _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1977 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -2755,12 +2874,12 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1922 +#: sssd.conf.5.xml:2010 msgid "The local domain section" msgstr "Розділ локального домену" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:2012 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2771,29 +2890,29 @@ msgstr "" "використовує <replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1931 +#: sssd.conf.5.xml:2019 msgid "default_shell (string)" msgstr "default_shell (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:2022 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "Типова оболонка для записів користувачів, створених за допомогою " "інструментів простору користувачів SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1938 +#: sssd.conf.5.xml:2026 msgid "Default: <filename>/bin/bash</filename>" msgstr "Типове значення: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1943 +#: sssd.conf.5.xml:2031 msgid "base_directory (string)" msgstr "base_directory (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2034 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -2802,17 +2921,17 @@ msgstr "" "replaceable> і використовують отриману адресу як адресу домашнього каталогу." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:2039 msgid "Default: <filename>/home</filename>" msgstr "Типове значення: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1956 +#: sssd.conf.5.xml:2044 msgid "create_homedir (bool)" msgstr "create_homedir (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2047 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -2821,17 +2940,17 @@ msgstr "" "Може бути перевизначено з командного рядка." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1963 sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2051 sssd.conf.5.xml:2063 msgid "Default: TRUE" msgstr "Типове значення: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1968 +#: sssd.conf.5.xml:2056 msgid "remove_homedir (bool)" msgstr "remove_homedir (булівське значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:2059 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -2840,12 +2959,12 @@ msgstr "" "користувачів. Може бути перевизначено з командного рядка." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1980 +#: sssd.conf.5.xml:2068 msgid "homedir_umask (integer)" msgstr "homedir_umask (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1983 +#: sssd.conf.5.xml:2071 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2856,17 +2975,17 @@ msgstr "" "до щойно створеного домашнього каталогу." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:2079 msgid "Default: 077" msgstr "Типове значення: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:2084 msgid "skel_dir (string)" msgstr "skel_dir (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1999 +#: sssd.conf.5.xml:2087 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2879,17 +2998,17 @@ msgstr "" "<manvolnum>8</manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2009 +#: sssd.conf.5.xml:2097 msgid "Default: <filename>/etc/skel</filename>" msgstr "Типове значення: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2102 msgid "mail_dir (string)" msgstr "mail_dir (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2105 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2900,17 +3019,17 @@ msgstr "" "каталог не вказано, буде використано типове значення." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2112 msgid "Default: <filename>/var/mail</filename>" msgstr "Типове значення: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2117 msgid "userdel_cmd (string)" msgstr "userdel_cmd (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2032 +#: sssd.conf.5.xml:2120 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2921,18 +3040,19 @@ msgstr "" "вилучається. Код виконання, повернутий програмою не обробляється." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2126 msgid "Default: None, no command is run" msgstr "Типове значення: None, не виконувати жодних команд" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2048 sssd-ldap.5.xml:2489 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:552 sssd-ad.5.xml:447 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:2136 sssd-ldap.5.xml:2476 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:552 sssd-ad.5.xml:792 sssd-krb5.5.xml:519 +#: sss_rpcidmapd.5.xml:98 msgid "EXAMPLE" msgstr "ПРИКЛАД" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2142 #, no-wrap msgid "" "[sssd]\n" @@ -2986,7 +3106,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2050 +#: sssd.conf.5.xml:2138 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3170,7 +3290,7 @@ msgstr "" "специфікації http://www.ietf.org/rfc/rfc2254.txt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:645 sssd-ad.5.xml:212 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:632 sssd-ad.5.xml:212 msgid "Examples:" msgstr "Приклади:" @@ -3398,7 +3518,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "Атрибут LDAP, що відповідає ідентифікатору основної групи користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:830 msgid "Default: gidNumber" msgstr "Типове значення: gidNumber" @@ -3450,26 +3570,11 @@ msgstr "Типове значення: loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:341 -msgid "ldap_user_uuid (string)" -msgstr "ldap_user_uuid (рядок)" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:344 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "Атрибут LDAP, що містить UUID/GUID об’єкта користувача LDAP." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:866 sssd-ldap.5.xml:1103 -msgid "Default: nsUniqueId" -msgstr "Типове значення: nsUniqueId" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:354 msgid "ldap_user_objectsid (string)" msgstr "ldap_user_objectsid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:344 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." @@ -3478,19 +3583,19 @@ msgstr "" "потрібен лише для серверів ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:880 +#: sssd-ldap.5.xml:349 sssd-ldap.5.xml:857 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" "Типове значення: objectSid для ActiveDirectory, не встановлено для інших " "серверів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:369 +#: sssd-ldap.5.xml:356 msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:890 sssd-ldap.5.xml:1112 +#: sssd-ldap.5.xml:359 sssd-ldap.5.xml:867 sssd-ldap.5.xml:1072 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -3499,17 +3604,17 @@ msgstr "" "об’єкта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:894 sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:363 sssd-ldap.5.xml:871 sssd-ldap.5.xml:1079 msgid "Default: modifyTimestamp" msgstr "Типове значення: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:382 +#: sssd-ldap.5.xml:369 msgid "ldap_user_shadow_last_change (string)" msgstr "ldap_user_shadow_last_change (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:385 +#: sssd-ldap.5.xml:372 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3522,17 +3627,17 @@ msgstr "" "citerefentry> (дати останньої зміни пароля)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:382 msgid "Default: shadowLastChange" msgstr "Типове значення: shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:401 +#: sssd-ldap.5.xml:388 msgid "ldap_user_shadow_min (string)" msgstr "ldap_user_shadow_min (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:391 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3545,17 +3650,17 @@ msgstr "" "citerefentry> (мінімального віку пароля)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:413 +#: sssd-ldap.5.xml:400 msgid "Default: shadowMin" msgstr "Типове значення: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:419 +#: sssd-ldap.5.xml:406 msgid "ldap_user_shadow_max (string)" msgstr "ldap_user_shadow_max (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:422 +#: sssd-ldap.5.xml:409 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3568,17 +3673,17 @@ msgstr "" "citerefentry> (максимального віку пароля)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 +#: sssd-ldap.5.xml:418 msgid "Default: shadowMax" msgstr "Типове значення: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 +#: sssd-ldap.5.xml:424 msgid "ldap_user_shadow_warning (string)" msgstr "ldap_user_shadow_warning (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 +#: sssd-ldap.5.xml:427 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3591,17 +3696,17 @@ msgstr "" "citerefentry> (проміжку попередження щодо пароля)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 +#: sssd-ldap.5.xml:437 msgid "Default: shadowWarning" msgstr "Типове значення: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 +#: sssd-ldap.5.xml:443 msgid "ldap_user_shadow_inactive (string)" msgstr "ldap_user_shadow_inactive (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 +#: sssd-ldap.5.xml:446 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -3614,17 +3719,17 @@ msgstr "" "citerefentry> (тривалості періоду невикористання пароля)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:469 +#: sssd-ldap.5.xml:456 msgid "Default: shadowInactive" msgstr "Типове значення: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:475 +#: sssd-ldap.5.xml:462 msgid "ldap_user_shadow_expire (string)" msgstr "ldap_user_shadow_expire (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:478 +#: sssd-ldap.5.xml:465 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -3638,17 +3743,17 @@ msgstr "" "строку дії пароля)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:488 +#: sssd-ldap.5.xml:475 msgid "Default: shadowExpire" msgstr "Типове значення: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:494 +#: sssd-ldap.5.xml:481 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "ldap_user_krb_last_pwd_change (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:497 +#: sssd-ldap.5.xml:484 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -3659,17 +3764,17 @@ msgstr "" "у kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 +#: sssd-ldap.5.xml:490 msgid "Default: krbLastPwdChange" msgstr "Типове значення: krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:509 +#: sssd-ldap.5.xml:496 msgid "ldap_user_krb_password_expiration (string)" msgstr "ldap_user_krb_password_expiration (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:512 +#: sssd-ldap.5.xml:499 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." @@ -3679,17 +3784,17 @@ msgstr "" "поточного пароля." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:518 +#: sssd-ldap.5.xml:505 msgid "Default: krbPasswordExpiration" msgstr "Типове значення: krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:524 +#: sssd-ldap.5.xml:511 msgid "ldap_user_ad_account_expires (string)" msgstr "ldap_user_ad_account_expires (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." @@ -3699,17 +3804,17 @@ msgstr "" "облікового запису." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:519 msgid "Default: accountExpires" msgstr "Типове значення: accountExpires" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:538 +#: sssd-ldap.5.xml:525 msgid "ldap_user_ad_user_account_control (string)" msgstr "ldap_user_ad_user_account_control (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:528 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." @@ -3719,17 +3824,17 @@ msgstr "" "облікового запису користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:546 +#: sssd-ldap.5.xml:533 msgid "Default: userAccountControl" msgstr "Типове значення: userAccountControl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:552 +#: sssd-ldap.5.xml:539 msgid "ldap_ns_account_lock (string)" msgstr "ldap_ns_account_lock (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:542 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." @@ -3738,17 +3843,17 @@ msgstr "" "цей параметр визначає, заборонено чи дозволено доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:547 msgid "Default: nsAccountLock" msgstr "Типове значення: nsAccountLock" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:553 msgid "ldap_user_nds_login_disabled (string)" msgstr "ldap_user_nds_login_disabled (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:556 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." @@ -3757,17 +3862,17 @@ msgstr "" "чи заборонено доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:573 sssd-ldap.5.xml:587 +#: sssd-ldap.5.xml:560 sssd-ldap.5.xml:574 msgid "Default: loginDisabled" msgstr "Типове значення: loginDisabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:579 +#: sssd-ldap.5.xml:566 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "ldap_user_nds_login_expiration_time (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:582 +#: sssd-ldap.5.xml:569 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." @@ -3776,12 +3881,12 @@ msgstr "" "якої надано доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:593 +#: sssd-ldap.5.xml:580 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "ldap_user_nds_login_allowed_time_map (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:583 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." @@ -3790,17 +3895,17 @@ msgstr "" "тижня, коли надається доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:601 +#: sssd-ldap.5.xml:588 msgid "Default: loginAllowedTimeMap" msgstr "Типове значення: loginAllowedTimeMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:607 +#: sssd-ldap.5.xml:594 msgid "ldap_user_principal (string)" msgstr "ldap_user_principal (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:597 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." @@ -3808,17 +3913,17 @@ msgstr "" "Атрибут LDAP, що містить Kerberos User Principal Name (UPN) користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:614 +#: sssd-ldap.5.xml:601 msgid "Default: krbPrincipalName" msgstr "Типове значення: krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:620 +#: sssd-ldap.5.xml:607 msgid "ldap_user_extra_attrs (string)" msgstr "ldap_user_extra_attrs (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:623 +#: sssd-ldap.5.xml:610 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." @@ -3827,7 +3932,7 @@ msgstr "" "звичайним набором атрибутів запису користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:628 +#: sssd-ldap.5.xml:615 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -3842,7 +3947,7 @@ msgstr "" "де налаштовано декілька доменів SSSD з різними схемами LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:625 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -3853,12 +3958,12 @@ msgstr "" "назв атрибутів використано як назву додаткового атрибута." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 +#: sssd-ldap.5.xml:635 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "ldap_user_extra_attrs = telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:638 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." @@ -3866,34 +3971,41 @@ msgstr "" "Зберегти атрибут «telephoneNumber» з LDAP як «telephoneNumber» до кешу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:642 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "ldap_user_extra_attrs = phone:telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:645 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "Зберегти атрибут «telephoneNumber» з LDAP як «phone» до кешу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:655 msgid "ldap_user_ssh_public_key (string)" msgstr "ldap_user_ssh_public_key (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:671 +#: sssd-ldap.5.xml:658 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "Атрибут LDAP, який містить відкриті ключі SSH користувача." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:662 +#, fuzzy +#| msgid "Default: sudoRole" +msgid "Default: sshPublicKey" +msgstr "Типове значення: sudoRole" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:668 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:671 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -3907,12 +4019,12 @@ msgstr "" "області у верхньому регістрі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:694 +#: sssd-ldap.5.xml:684 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 +#: sssd-ldap.5.xml:687 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -3921,12 +4033,12 @@ msgstr "" "свого кешу нумерованих записів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:698 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 +#: sssd-ldap.5.xml:701 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -3937,54 +4049,56 @@ msgstr "" "цих записів з метою економії місця." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:707 msgid "Setting this option to zero will disable the cache cleanup operation." msgstr "" "Встановлення нульового значення цього параметра вимкне дію з очищення кешу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:721 -msgid "Default: 10800 (12 hours)" +#: sssd-ldap.5.xml:711 +#, fuzzy +#| msgid "Default: 10800 (12 hours)" +msgid "Default: 10800 (3 hours)" msgstr "Типове значення: 10800 (12 годин)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:727 +#: sssd-ldap.5.xml:717 msgid "ldap_user_fullname (string)" msgstr "ldap_user_fullname (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:730 +#: sssd-ldap.5.xml:720 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "Атрибут LDAP, що відповідає повному імені користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 sssd-ldap.5.xml:827 sssd-ldap.5.xml:1053 -#: sssd-ldap.5.xml:1144 sssd-ldap.5.xml:2084 sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:724 sssd-ldap.5.xml:817 sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1104 sssd-ldap.5.xml:2071 sssd-ldap.5.xml:2410 msgid "Default: cn" msgstr "Типове значення: cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:730 msgid "ldap_user_member_of (string)" msgstr "ldap_user_member_of (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:743 +#: sssd-ldap.5.xml:733 msgid "The LDAP attribute that lists the user's group memberships." msgstr "Атрибут LDAP зі списком груп, у яких бере участь користувач." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:737 msgid "Default: memberOf" msgstr "Типове значення: memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:753 +#: sssd-ldap.5.xml:743 msgid "ldap_user_authorized_service (string)" msgstr "ldap_user_authorized_service (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:756 +#: sssd-ldap.5.xml:746 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -3995,7 +4109,7 @@ msgstr "" "LDAP для визначення прав доступу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:763 +#: sssd-ldap.5.xml:753 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." @@ -4004,7 +4118,7 @@ msgstr "" "(svc) і нарешті загальні дозволи або allow_all (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:758 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -4015,17 +4129,17 @@ msgstr "" "система змогла скористатися параметром ldap_user_authorized_service." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:765 msgid "Default: authorizedService" msgstr "Типове значення: authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:771 msgid "ldap_user_authorized_host (string)" msgstr "ldap_user_authorized_host (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:784 +#: sssd-ldap.5.xml:774 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -4036,7 +4150,7 @@ msgstr "" "доступу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:790 +#: sssd-ldap.5.xml:780 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." @@ -4045,7 +4159,7 @@ msgstr "" "(host) і нарешті загальні дозволи або allow_all (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:785 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -4056,77 +4170,67 @@ msgstr "" "скористатися параметром ldap_user_authorized_host." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:802 +#: sssd-ldap.5.xml:792 msgid "Default: host" msgstr "Типове значення: host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:798 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 +#: sssd-ldap.5.xml:801 msgid "The object class of a group entry in LDAP." msgstr "Клас об’єктів запису групи у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:804 msgid "Default: posixGroup" msgstr "Типове значення: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:810 msgid "ldap_group_name (string)" msgstr "ldap_group_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:823 +#: sssd-ldap.5.xml:813 msgid "The LDAP attribute that corresponds to the group name." msgstr "Атрибут LDAP, що відповідає назві групи." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:823 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:826 msgid "The LDAP attribute that corresponds to the group's id." msgstr "Атрибут LDAP, що відповідає ідентифікатору групи." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:846 +#: sssd-ldap.5.xml:836 msgid "ldap_group_member (string)" msgstr "ldap_group_member (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:849 +#: sssd-ldap.5.xml:839 msgid "The LDAP attribute that contains the names of the group's members." msgstr "Атрибут LDAP, у якому містяться імена учасників групи." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:843 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "Типове значення: memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 -msgid "ldap_group_uuid (string)" -msgstr "ldap_group_uuid (рядок)" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "Атрибут LDAP, що містить UUID/GUID об’єкта групи LDAP." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:872 +#: sssd-ldap.5.xml:849 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:875 +#: sssd-ldap.5.xml:852 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." @@ -4135,17 +4239,17 @@ msgstr "" "лише для серверів ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:864 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:877 msgid "ldap_group_type (integer)" msgstr "ldap_group_type (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:880 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." @@ -4154,7 +4258,7 @@ msgstr "" "можливо, інші прапорці." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:885 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4165,19 +4269,19 @@ msgstr "" "відфільтровано у списку надійних (довірених) доменів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:914 +#: sssd-ldap.5.xml:891 msgid "Default: groupType in the AD provider, othewise not set" msgstr "" "Типове значення: groupType у засобі надання даних AD, у інших засобах не " "встановлено" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:921 +#: sssd-ldap.5.xml:898 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:924 +#: sssd-ldap.5.xml:901 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4189,7 +4293,7 @@ msgstr "" "параметра буде проігноровано, якщо використано схему RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:908 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4205,7 +4309,7 @@ msgstr "" "початкового пошуку, якщо запити щодо пошуку надходять повторно." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:940 +#: sssd-ldap.5.xml:917 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later it " @@ -4219,17 +4323,17 @@ msgstr "" "ldap_use_tokengroups значення false." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:947 +#: sssd-ldap.5.xml:924 msgid "Default: 2" msgstr "Типове значення: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:930 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "ldap_groups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:933 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -4241,7 +4345,7 @@ msgstr "" "високим рівнем вкладеності." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:939 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." @@ -4250,7 +4354,7 @@ msgstr "" "можна буде спостерігати лише у дуже складних випадках вкладеності груп." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 sssd-ldap.5.xml:994 +#: sssd-ldap.5.xml:944 sssd-ldap.5.xml:971 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -4261,7 +4365,7 @@ msgstr "" "можливості. Отже, насправді значення «True» означає «визначити автоматично»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:950 sssd-ldap.5.xml:977 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -4274,18 +4378,18 @@ msgstr "" "windows/desktop/aa746475%28v=vs.85%29.aspx\">документації MSDN(TM)</ulink>." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 sssd-ldap.5.xml:1006 sssd-ldap.5.xml:1311 -#: sssd-ldap.5.xml:1332 sssd-ldap.5.xml:1838 include/ldap_id_mapping.xml:242 +#: sssd-ldap.5.xml:956 sssd-ldap.5.xml:983 sssd-ldap.5.xml:1271 +#: sssd-ldap.5.xml:1292 sssd-ldap.5.xml:1798 include/ldap_id_mapping.xml:242 msgid "Default: False" msgstr "Типове значення: False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:985 +#: sssd-ldap.5.xml:962 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "ldap_initgroups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:988 +#: sssd-ldap.5.xml:965 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -4298,12 +4402,12 @@ msgstr "" "вкладеності." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:989 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1015 +#: sssd-ldap.5.xml:992 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." @@ -4312,127 +4416,116 @@ msgstr "" "атрибута Token-Groups під час виконання initgroup для користувачів Active " "Directory Server 2008 та новіших версій." +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:997 sssd-ad.5.xml:742 sss_rpcidmapd.5.xml:76 +msgid "Default: True" +msgstr "Типове значення: True" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1003 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1006 msgid "The object class of a netgroup entry in LDAP." msgstr "Клас об’єктів запису мережевої групи (netgroup) у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1009 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "У надавачі даних IPA має бути використано ipa_netgroup_object_class." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1013 msgid "Default: nisNetgroup" msgstr "Типове значення: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1019 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1045 +#: sssd-ldap.5.xml:1022 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "Атрибут LDAP, що відповідає назві мережевої групи (netgroup)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1049 +#: sssd-ldap.5.xml:1026 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "У надавачі даних IPA має бути використано ipa_netgroup_name." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1059 +#: sssd-ldap.5.xml:1036 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1039 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" "Атрибут LDAP, у якому містяться імена учасників мережевої групи (netgroup)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 +#: sssd-ldap.5.xml:1043 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "У надавачі даних IPA має бути використано ipa_netgroup_member." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1047 msgid "Default: memberNisNetgroup" msgstr "Типове значення: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1053 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1056 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" "Атрибут LDAP, що містить трійки мережевої групи (вузол, користувач, домен)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1116 +#: sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1076 msgid "This option is not available in IPA provider." msgstr "Цим параметром не можна скористатися у надавачі даних IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1086 +#: sssd-ldap.5.xml:1063 msgid "Default: nisNetgroupTriple" msgstr "Типове значення: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1092 -msgid "ldap_netgroup_uuid (string)" -msgstr "ldap_netgroup_uuid (рядок)" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1095 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "Атрибут LDAP, що містить UUID/GUID об’єкта мережевої групи LDAP." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1099 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "У надавачі даних IPA має бути використано ipa_netgroup_uuid." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1109 +#: sssd-ldap.5.xml:1069 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_object_class (string)" msgstr "ldap_service_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1088 msgid "The object class of a service entry in LDAP." msgstr "Клас об’єктів запису служби у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1091 msgid "Default: ipService" msgstr "Типове значення: ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1097 msgid "ldap_service_name (string)" msgstr "ldap_service_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1100 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." @@ -4440,48 +4533,48 @@ msgstr "" "Атрибут LDAP, що містить назву атрибутів служби та замінників цих атрибутів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1110 msgid "ldap_service_port (string)" msgstr "ldap_service_port (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1113 msgid "The LDAP attribute that contains the port managed by this service." msgstr "Атрибут LDAP, що містить номер порту, яким керує ця служба." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1117 msgid "Default: ipServicePort" msgstr "Типове значення: ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1123 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1166 +#: sssd-ldap.5.xml:1126 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "Атрибут LDAP, що містить протоколи, за яким може працювати ця служба." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1130 msgid "Default: ipServiceProtocol" msgstr "Типове значення: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1176 +#: sssd-ldap.5.xml:1136 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1141 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -4492,7 +4585,7 @@ msgstr "" "автономного режиму роботи)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1190 +#: sssd-ldap.5.xml:1150 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -4503,12 +4596,12 @@ msgstr "" "окремих типів пошуків." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1162 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1205 +#: sssd-ldap.5.xml:1165 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -4519,12 +4612,12 @@ msgstr "" "кешованих даних (і переходом до автономного режиму роботи)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1178 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1181 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -4541,12 +4634,12 @@ msgstr "" "citerefentry> повертається до стану бездіяльності." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1204 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:1207 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -4558,12 +4651,12 @@ msgstr "" "випадку прив’язки SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1219 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (ціле значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1262 +#: sssd-ldap.5.xml:1222 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -4577,17 +4670,17 @@ msgstr "" "дії TGT)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:1230 sssd-ldap.5.xml:2228 msgid "Default: 900 (15 minutes)" msgstr "Типове значення: 900 (15 хвилин)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1236 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1239 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -4597,17 +4690,17 @@ msgstr "" "один запит." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1244 msgid "Default: 1000" msgstr "Типове значення: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1250 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1293 +#: sssd-ldap.5.xml:1253 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -4618,7 +4711,7 @@ msgstr "" "RootDSE, але цю підтримку не увімкнено або вона не працює належним чином." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1259 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -4628,7 +4721,7 @@ msgstr "" "підтримкою не можна скористатися." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1265 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -4639,17 +4732,17 @@ msgstr "" "це може призвести до відмови у виконанні запитів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1277 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1280 msgid "Disable Active Directory range retrieval." msgstr "Вимкнути отримання діапазону Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1323 +#: sssd-ldap.5.xml:1283 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -4665,12 +4758,12 @@ msgstr "" "буде представлено як такі, у яких немає учасників." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1298 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (ціле значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1301 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -4681,19 +4774,19 @@ msgstr "" "параметра визначається OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1307 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Типове значення: типове для системи значення (зазвичай, визначається у ldap." "conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1314 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1317 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -4705,7 +4798,7 @@ msgstr "" "виконуватиметься окремо." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1323 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" @@ -4713,7 +4806,7 @@ msgstr "" "(розіменуванням), якщо вкажете значення 0." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1327 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -4726,7 +4819,7 @@ msgstr "" "OpenLDAP та Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1335 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -4737,12 +4830,12 @@ msgstr "" "незалежно від використання цього параметра." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1348 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 +#: sssd-ldap.5.xml:1351 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -4752,7 +4845,7 @@ msgstr "" "таких значень:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1397 +#: sssd-ldap.5.xml:1357 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -4761,7 +4854,7 @@ msgstr "" "жодних сертифікатів сервера." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1361 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -4773,7 +4866,7 @@ msgstr "" "режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1368 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -4784,7 +4877,7 @@ msgstr "" "надано помилковий сертифікат, негайно перервати сеанс." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1374 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -4795,22 +4888,22 @@ msgstr "" "перервати сеанс." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1380 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = те саме, що і <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1424 +#: sssd-ldap.5.xml:1384 msgid "Default: hard" msgstr "Типове значення: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1390 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1393 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -4819,7 +4912,7 @@ msgstr "" "розпізнаються <command>sssd</command>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1438 sssd-ldap.5.xml:1456 sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1398 sssd-ldap.5.xml:1416 sssd-ldap.5.xml:1457 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -4828,12 +4921,12 @@ msgstr "" "у <filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1445 +#: sssd-ldap.5.xml:1405 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1408 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -4846,32 +4939,32 @@ msgstr "" "<command>cacertdir_rehash</command>, якщо ця програма є доступною." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1463 +#: sssd-ldap.5.xml:1423 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1466 +#: sssd-ldap.5.xml:1426 msgid "Specifies the file that contains the certificate for the client's key." msgstr "Визначає файл, який містить сертифікат для ключа клієнта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1436 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1439 msgid "Specifies the file that contains the client's key." msgstr "Визначає файл, у якому міститься ключ клієнта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1448 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1451 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -4883,12 +4976,12 @@ msgstr "" "<manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1504 +#: sssd-ldap.5.xml:1464 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -4897,12 +4990,12 @@ msgstr "" "class=\"protocol\">tls</systemitem> для захисту каналу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1477 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1480 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -4914,19 +5007,19 @@ msgstr "" "ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1486 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "У поточній версії у цій можливості передбачено підтримку лише встановлення " "відповідності objectSID у ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1496 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "ldap_min_id, ldap_max_id (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1499 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -4946,18 +5039,18 @@ msgstr "" "ідентифікаторів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1511 msgid "Default: not set (both options are set to 0)" msgstr "" "Типове значення: не встановлено (обидва параметри встановлено у значення 0)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1517 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -4966,12 +5059,12 @@ msgstr "" "перевірено і підтримується лише механізм GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1530 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1533 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -4986,17 +5079,17 @@ msgstr "" "myhost)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1541 msgid "Default: host/hostname@REALM" msgstr "Типове значення: вузол/назва_вузла@ОБЛАСТЬ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1547 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1590 +#: sssd-ldap.5.xml:1550 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5008,17 +5101,17 @@ msgstr "" "проігноровано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1556 msgid "Default: the value of krb5_realm." msgstr "Типове значення: значення krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1562 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1565 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -5028,34 +5121,34 @@ msgstr "" "SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1570 msgid "Default: false;" msgstr "Типове значення: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1576 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1619 +#: sssd-ldap.5.xml:1579 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "Визначає таблицю ключів, яку слід використовувати разом з SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1622 +#: sssd-ldap.5.xml:1582 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Типове значення: системна таблиця ключів, зазвичай <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1628 +#: sssd-ldap.5.xml:1588 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1631 +#: sssd-ldap.5.xml:1591 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5066,27 +5159,27 @@ msgstr "" "механізм GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1643 +#: sssd-ldap.5.xml:1603 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1606 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "Визначає строк дії (у секундах) TGT, якщо використовується GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 sssd-ad.5.xml:383 +#: sssd-ldap.5.xml:1610 sssd-ad.5.xml:728 msgid "Default: 86400 (24 hours)" msgstr "Типове значення: 86400 (24 години)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 +#: sssd-ldap.5.xml:1619 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5105,7 +5198,7 @@ msgstr "" "про виявлення служб можна дізнатися з розділу «ПОШУК СЛУЖБ»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1671 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1631 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5117,7 +5210,7 @@ msgstr "" "вдасться знайти." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1636 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5128,29 +5221,29 @@ msgstr "" "варто перейти на використання «krb5_server» у файлах налаштувань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1645 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1688 +#: sssd-ldap.5.xml:1648 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "Вказати область Kerberos (для розпізнавання за SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1651 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Типове значення: типове значення системи, див. <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1697 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1657 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1660 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -5160,12 +5253,12 @@ msgstr "" "версії MIT Kerberos >= 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1712 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1672 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1715 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1675 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5180,7 +5273,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1726 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1686 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5191,12 +5284,12 @@ msgstr "" "manvolnum> </citerefentry>, щоб дізнатися більше про додаток пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1740 +#: sssd-ldap.5.xml:1700 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1703 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -5205,7 +5298,7 @@ msgstr "" "використовувати такі значення:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1708 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -5214,7 +5307,7 @@ msgstr "" "разі використання цього варіанта перевірку на боці сервера вимкнено не буде." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1753 +#: sssd-ldap.5.xml:1713 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5225,7 +5318,7 @@ msgstr "" "manvolnum></citerefentry> для визначення того, чи чинним є пароль." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1759 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5236,7 +5329,7 @@ msgstr "" "скористайтеся chpass_provider=krb5 для оновлення цих атрибутів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1768 +#: sssd-ldap.5.xml:1728 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." @@ -5246,18 +5339,18 @@ msgstr "" "встановленими за допомогою цього параметра." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1736 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1739 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" "Визначає, чи має бути увімкнено автоматичне визначення напрямків пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1743 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -5266,7 +5359,7 @@ msgstr "" "з версією OpenLDAP 2.4.13 або новішою версією." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1788 +#: sssd-ldap.5.xml:1748 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5280,28 +5373,28 @@ msgstr "" "«false» може значно пришвидшити роботу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1762 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 +#: sssd-ldap.5.xml:1765 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Визначає назву служби, яку буде використано у разі вмикання визначення служб." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1809 +#: sssd-ldap.5.xml:1769 msgid "Default: ldap" msgstr "Типове значення: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1775 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1778 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -5310,17 +5403,17 @@ msgstr "" "уможливлює зміну паролів, у разі вмикання визначення служб." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1823 +#: sssd-ldap.5.xml:1783 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Типове значення: не встановлено, тобто пошук служб вимкнено" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1789 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1792 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -5329,12 +5422,12 @@ msgstr "" "щодо кількості днів з часу виконання дії зі зміни пароля." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1804 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1847 +#: sssd-ldap.5.xml:1807 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5363,12 +5456,12 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1867 +#: sssd-ldap.5.xml:1827 msgid "Example:" msgstr "Приклад:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1870 +#: sssd-ldap.5.xml:1830 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5380,7 +5473,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1874 +#: sssd-ldap.5.xml:1834 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." @@ -5389,7 +5482,7 @@ msgstr "" "employeeType встановлено у значення «admin»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1839 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5403,17 +5496,17 @@ msgstr "" "таких прав не було надано, у автономному режимі їх також не буде надано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1887 sssd-ldap.5.xml:1944 +#: sssd-ldap.5.xml:1847 sssd-ldap.5.xml:1904 msgid "Default: Empty" msgstr "Типове значення: порожній рядок" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1853 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1856 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -5422,7 +5515,7 @@ msgstr "" "керування доступом на боці клієнта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:1860 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5433,12 +5526,12 @@ msgstr "" "з відповідним кодом помилки, навіть якщо вказано правильний пароль." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1907 +#: sssd-ldap.5.xml:1867 msgid "The following values are allowed:" msgstr "Можна використовувати такі значення:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1910 +#: sssd-ldap.5.xml:1870 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -5447,7 +5540,7 @@ msgstr "" "визначити, чи завершено строк дії облікового запису." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1875 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5460,7 +5553,7 @@ msgstr "" "Також буде перевірено, чи не вичерпано строк дії облікового запису." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1922 +#: sssd-ldap.5.xml:1882 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5471,7 +5564,7 @@ msgstr "" "ldap_ns_account_lock." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1928 +#: sssd-ldap.5.xml:1888 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5484,7 +5577,7 @@ msgstr "" "атрибутів, надати доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1897 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5495,30 +5588,38 @@ msgstr "" "користуватися параметром ldap_account_expire_policy." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1910 msgid "ldap_access_order (string)" msgstr "ldap_access_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1953 +#: sssd-ldap.5.xml:1913 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Список відокремлених комами параметрів керування доступом. Можливі значення " "списку:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1917 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: використовувати ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:1920 +msgid "" +"<emphasis>lockout</emphasis>: use account locking. If set, this option " +"denies access in case that ldap attribute 'pwdAccountLockedTime' is present " +"and has value of '000001010000Z'. Please see the option ldap_pwdlockout_dn." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1927 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" "<emphasis>expire</emphasis>: використовувати ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1931 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -5527,19 +5628,19 @@ msgstr "" "можливості доступу атрибут authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1969 +#: sssd-ldap.5.xml:1936 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: за допомогою цього атрибута вузла можна визначити " "права доступу" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:1940 msgid "Default: filter" msgstr "Типове значення: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1943 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -5548,12 +5649,38 @@ msgstr "" "використано декілька разів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1983 +#: sssd-ldap.5.xml:1950 +#, fuzzy +#| msgid "ldap_pwd_policy (string)" +msgid "ldap_pwdlockout_dn (string)" +msgstr "ldap_pwd_policy (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1953 +msgid "" +"This option specifies the DN of password policy entry on LDAP server. Please " +"note that absence of this option in sssd.conf in case of enabled account " +"lockout checking will yield access denied as ppolicy attributes on LDAP " +"server cannot be checked properly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1961 +msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1964 +msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1970 msgid "ldap_deref (string)" msgstr "ldap_deref (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:1973 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -5562,13 +5689,13 @@ msgstr "" "пошуку. Можливі такі варіанти:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:1978 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" "<emphasis>never</emphasis>: ніколи не виконувати розіменування псевдонімів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:1982 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -5578,7 +5705,7 @@ msgstr "" "пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:1987 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -5587,7 +5714,7 @@ msgstr "" "під час визначення місця основного об’єкта пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2005 +#: sssd-ldap.5.xml:1992 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -5596,7 +5723,7 @@ msgstr "" "час пошуку, так і під час визначення місця основного об’єкта пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2010 +#: sssd-ldap.5.xml:1997 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -5605,12 +5732,12 @@ msgstr "" "сценарієм <emphasis>never</emphasis>)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2018 +#: sssd-ldap.5.xml:2005 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2008 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -5619,7 +5746,7 @@ msgstr "" "серверів, у яких використовується схема RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2012 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -5637,7 +5764,7 @@ msgstr "" "користувачів за допомогою виклику getpw*() або initgroups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2036 +#: sssd-ldap.5.xml:2023 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -5664,12 +5791,12 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2052 +#: sssd-ldap.5.xml:2039 msgid "SUDO OPTIONS" msgstr "ПАРАМЕТРИ SUDO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2054 +#: sssd-ldap.5.xml:2041 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -5680,52 +5807,52 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2052 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2055 msgid "The object class of a sudo rule entry in LDAP." msgstr "Клас об’єктів запису правила sudo у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2071 +#: sssd-ldap.5.xml:2058 msgid "Default: sudoRole" msgstr "Типове значення: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2064 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2067 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "Атрибут LDAP, що відповідає назві правила sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2090 +#: sssd-ldap.5.xml:2077 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2080 msgid "The LDAP attribute that corresponds to the command name." msgstr "Атрибут LDAP, що відповідає назві команди." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2097 +#: sssd-ldap.5.xml:2084 msgid "Default: sudoCommand" msgstr "Типове значення: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2103 +#: sssd-ldap.5.xml:2090 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2093 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -5734,17 +5861,17 @@ msgstr "" "вузла, мережевій групі вузла)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2111 +#: sssd-ldap.5.xml:2098 msgid "Default: sudoHost" msgstr "Типове значення: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2117 +#: sssd-ldap.5.xml:2104 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2120 +#: sssd-ldap.5.xml:2107 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -5753,32 +5880,32 @@ msgstr "" "або назві мережевої групи користувача)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2111 msgid "Default: sudoUser" msgstr "Типове значення: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2130 +#: sssd-ldap.5.xml:2117 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2133 +#: sssd-ldap.5.xml:2120 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "Атрибут LDAP, що відповідає параметрам sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2137 +#: sssd-ldap.5.xml:2124 msgid "Default: sudoOption" msgstr "Типове значення: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2143 +#: sssd-ldap.5.xml:2130 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2146 +#: sssd-ldap.5.xml:2133 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." @@ -5787,17 +5914,17 @@ msgstr "" "команди." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2150 +#: sssd-ldap.5.xml:2137 msgid "Default: sudoRunAsUser" msgstr "Типове значення: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2143 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2146 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -5806,17 +5933,17 @@ msgstr "" "виконувати команди." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2150 msgid "Default: sudoRunAsGroup" msgstr "Типове значення: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2156 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2159 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." @@ -5824,49 +5951,49 @@ msgstr "" "Атрибут LDAP, що відповідає даті і часу набуття чинності правилом sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2176 +#: sssd-ldap.5.xml:2163 msgid "Default: sudoNotBefore" msgstr "Типове значення: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2182 +#: sssd-ldap.5.xml:2169 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2172 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "Атрибут LDAP, що відповідає даті і часу втрати чинності правилом sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2177 msgid "Default: sudoNotAfter" msgstr "Типове значення: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2183 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2199 +#: sssd-ldap.5.xml:2186 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "Атрибут LDAP, що відповідає порядковому номеру правила." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2203 +#: sssd-ldap.5.xml:2190 msgid "Default: sudoOrder" msgstr "Типове значення: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:2196 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2199 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -5876,7 +6003,7 @@ msgstr "" "набір правил, що зберігаються на сервері." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2204 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -5885,17 +6012,17 @@ msgstr "" "<emphasis>ldap_sudo_smart_refresh_interval </emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2209 msgid "Default: 21600 (6 hours)" msgstr "Типове значення: 21600 (6 годин)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2215 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2218 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -5906,7 +6033,7 @@ msgstr "" "правил, USN яких перевищує найбільше значення USN у кешованих правилах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2237 +#: sssd-ldap.5.xml:2224 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -5915,12 +6042,12 @@ msgstr "" "дані атрибута modifyTimestamp." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2234 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2237 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -5930,12 +6057,12 @@ msgstr "" "назв вузлів)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2248 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2264 +#: sssd-ldap.5.xml:2251 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -5944,7 +6071,7 @@ msgstr "" "фільтрування списку правил." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2256 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -5953,8 +6080,8 @@ msgstr "" "назву вузла та повну назву комп’ютера у домені у автоматичному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2315 -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2261 sssd-ldap.5.xml:2284 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2320 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -5963,17 +6090,17 @@ msgstr "" "<emphasis>false</emphasis>, цей параметр ні на що не впливатиме." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2279 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2266 sssd-ldap.5.xml:2289 msgid "Default: not specified" msgstr "Типове значення: не вказано" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2272 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2288 +#: sssd-ldap.5.xml:2275 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -5982,7 +6109,7 @@ msgstr "" "правил." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2293 +#: sssd-ldap.5.xml:2280 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -5991,12 +6118,12 @@ msgstr "" "адресу у автоматичному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2295 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2311 +#: sssd-ldap.5.xml:2298 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -6005,12 +6132,12 @@ msgstr "" "мережеву групу (netgroup) у атрибуті sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2326 +#: sssd-ldap.5.xml:2313 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2316 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -6019,7 +6146,7 @@ msgstr "" "заміни у атрибуті sudoHost." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2345 +#: sssd-ldap.5.xml:2332 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6032,12 +6159,12 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2342 msgid "AUTOFS OPTIONS" msgstr "ПАРАМЕТРИ AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2344 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." @@ -6046,62 +6173,62 @@ msgstr "" "визначено у RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2350 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2366 +#: sssd-ldap.5.xml:2353 msgid "The name of the automount master map in LDAP." msgstr "Назва основної карти автоматичного монтування у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2369 +#: sssd-ldap.5.xml:2356 msgid "Default: auto.master" msgstr "Типове значення: auto.master" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2376 +#: sssd-ldap.5.xml:2363 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2379 sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2392 msgid "The object class of an automount map entry in LDAP." msgstr "Клас об’єктів запису карти автоматичного монтування у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2369 sssd-ldap.5.xml:2396 msgid "Default: automountMap" msgstr "Типове значення: automountMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2376 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2379 msgid "The name of an automount map entry in LDAP." msgstr "Назва запису карти автоматичного монтування у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2382 msgid "Default: ou" msgstr "Типове значення: ou" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2402 +#: sssd-ldap.5.xml:2389 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2416 +#: sssd-ldap.5.xml:2403 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2419 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:2406 sssd-ldap.5.xml:2420 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -6110,17 +6237,17 @@ msgstr "" "точні монтування." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2430 +#: sssd-ldap.5.xml:2417 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2437 +#: sssd-ldap.5.xml:2424 msgid "Default: automountInformation" msgstr "Типове значення: automountInformation" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2348 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6133,37 +6260,37 @@ msgstr "" "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2434 msgid "ADVANCED OPTIONS" msgstr "ДОДАТКОВІ ПАРАМЕТРИ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2441 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2459 +#: sssd-ldap.5.xml:2446 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2451 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2469 +#: sssd-ldap.5.xml:2456 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2461 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2449 +#: sssd-ldap.5.xml:2436 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6174,7 +6301,7 @@ msgstr "" "відомі наслідки ваших дій. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2491 +#: sssd-ldap.5.xml:2478 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6185,7 +6312,7 @@ msgstr "" "<replaceable>[domains]</replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2484 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -6205,20 +6332,20 @@ msgstr "" " cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2496 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 -#: sssd-ad.5.xml:455 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2483 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 +#: sssd-ad.5.xml:800 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2509 sssd_krb5_locator_plugin.8.xml:61 -#: sssd-simple.5.xml:148 sssd-ad.5.xml:470 sssd.8.xml:191 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2496 sssd_krb5_locator_plugin.8.xml:61 +#: sssd-simple.5.xml:148 sssd-ad.5.xml:815 sssd.8.xml:195 sss_seed.8.xml:163 msgid "NOTES" msgstr "ЗАУВАЖЕННЯ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2498 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -6863,7 +6990,7 @@ msgstr "" "цього вузла." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:320 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:665 msgid "dyndns_update (boolean)" msgstr "dyndns_update (булеве значення)" @@ -6883,7 +7010,7 @@ msgstr "" "допомогою параметра «dyndns_iface»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:334 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:679 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -6904,12 +7031,12 @@ msgstr "" "назву, <emphasis>dyndns_update</emphasis>, у файлі налаштувань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:345 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:690 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:348 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:693 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -6936,12 +7063,12 @@ msgid "Default: 1200 (seconds)" msgstr "Типове значення: 1200 (секунд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:359 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:704 msgid "dyndns_iface (string)" msgstr "dyndns_iface (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:362 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:707 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -6997,12 +7124,12 @@ msgstr "" "вважатимуться резервними серверами." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:373 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:718 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:376 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:721 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -7014,12 +7141,12 @@ msgstr "" "є обов’язкоми, його застосовують, лише якщо dyndns_update має значення true." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:389 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:734 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:392 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:737 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -7043,12 +7170,12 @@ msgid "Default: False (disabled)" msgstr "Типове значення: False (вимкнено)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:403 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:748 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:406 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:751 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -7057,7 +7184,7 @@ msgstr "" "даними з сервером DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:410 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:755 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Типове значення: False (надати змогу nsupdate вибирати протокол)" @@ -7163,7 +7290,7 @@ msgstr "" "Перевірити за допомогою krb5_keytab, чи не було підмінено отриманий TGT." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:359 sssd-ad.5.xml:776 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -7274,7 +7401,7 @@ msgstr "" "короткого періоду часу надходить багато запитів щодо керування доступом." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 sssd-ad.5.xml:330 msgid "Default: 5 (seconds)" msgstr "Типове значення: 5 (секунд)" @@ -7897,8 +8024,486 @@ msgstr "" msgid "Default: permissive" msgstr "Типове значення: permissive" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:320 +#, fuzzy +#| msgid "ldap_purge_cache_timeout (integer)" +msgid "ad_gpo_cache_timeout (integer)" +msgstr "ldap_purge_cache_timeout (ціле число)" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:323 +#, fuzzy +#| msgid "" +#| "The amount of time between lookups of the HBAC rules against the IPA " +#| "server. This will reduce the latency and load on the IPA server if there " +#| "are many access-control requests made in a short period." +msgid "" +"The amount of time between lookups of GPO policy files against the AD " +"server. This will reduce the latency and load on the AD server if there are " +"many access-control requests made in a short period." +msgstr "" +"Проміжок часу між послідовними пошуками правил HBAC щодо сервера IPA. Зміна " +"може зменшити час затримки та навантаження на сервер IPA, якщо протягом " +"короткого періоду часу надходить багато запитів щодо керування доступом." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:336 +#, fuzzy +#| msgid "ad_domain (string)" +msgid "ad_gpo_map_interactive (string)" +msgstr "ad_domain (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:339 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the InteractiveLogonRight and " +"DenyInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:354 +#, no-wrap +msgid "" +" ad_gpo_map_interactive = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:345 +#, fuzzy +#| msgid "" +#| "It is possible to add another attribute to this set by using <quote>" +#| "+attr_name</quote> or explicitly remove an attribute using <quote>-" +#| "attr_name</quote>. For example, to allow <quote>telephoneNumber</quote> " +#| "but deny <quote>loginShell</quote>, you would use the following " +#| "configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>login</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" +"Ви можете додати інший атрибут до цього набору за допомогою параметра " +"«+назва_атрибута» або явним чином виключити атрибут за допомогою параметра «-" +"назва_атрибута». Наприклад, щоб дозволити «telephoneNumber», але заборонити " +"«loginShell», вам слід скористатися такими налаштуваннями: <placeholder type=" +"\"programlisting\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:358 sssd-ad.5.xml:423 sssd-ad.5.xml:458 sssd-ad.5.xml:498 +#: sssd-ad.5.xml:559 +#, fuzzy +#| msgid "" +#| "Default: not set. Only the default set of POSIX attributes is allowed." +msgid "Default: the default set of PAM service names includes:" +msgstr "" +"Типове значення: не встановлено. Дозволено лише типовий набір атрибутів " +"POSIX." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:362 +#, fuzzy +#| msgid "login UID" +msgid "login" +msgstr "ідентифікатор користувача" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:367 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:372 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:377 +msgid "gdm-fingerprint" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:382 +#, fuzzy +#| msgid "password" +msgid "gdm-password" +msgstr "password" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:387 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:392 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:401 +#, fuzzy +#| msgid "ldap_user_shadow_inactive (string)" +msgid "ad_gpo_map_remote_interactive (string)" +msgstr "ldap_user_shadow_inactive (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:404 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the RemoteInteractiveLogonRight and " +"DenyRemoteInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:419 +#, no-wrap +msgid "" +" ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:410 +#, fuzzy +#| msgid "" +#| "It is possible to add another attribute to this set by using <quote>" +#| "+attr_name</quote> or explicitly remove an attribute using <quote>-" +#| "attr_name</quote>. For example, to allow <quote>telephoneNumber</quote> " +#| "but deny <quote>loginShell</quote>, you would use the following " +#| "configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>sshd</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" +"Ви можете додати інший атрибут до цього набору за допомогою параметра " +"«+назва_атрибута» або явним чином виключити атрибут за допомогою параметра «-" +"назва_атрибута». Наприклад, щоб дозволити «telephoneNumber», але заборонити " +"«loginShell», вам слід скористатися такими налаштуваннями: <placeholder type=" +"\"programlisting\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:427 +msgid "sshd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:436 +#, fuzzy +#| msgid "ad_gpo_access_control (string)" +msgid "ad_gpo_map_network (string)" +msgstr "ad_gpo_access_control (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:439 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the NetworkLogonRight and " +"DenyNetworkLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:454 +#, no-wrap +msgid "" +" ad_gpo_map_network = +my_pam_service, -ftp\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +#, fuzzy +#| msgid "" +#| "It is possible to add another attribute to this set by using <quote>" +#| "+attr_name</quote> or explicitly remove an attribute using <quote>-" +#| "attr_name</quote>. For example, to allow <quote>telephoneNumber</quote> " +#| "but deny <quote>loginShell</quote>, you would use the following " +#| "configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>ftp</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" +"Ви можете додати інший атрибут до цього набору за допомогою параметра " +"«+назва_атрибута» або явним чином виключити атрибут за допомогою параметра «-" +"назва_атрибута». Наприклад, щоб дозволити «telephoneNumber», але заборонити " +"«loginShell», вам слід скористатися такими налаштуваннями: <placeholder type=" +"\"programlisting\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:462 +msgid "ftp" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:467 +msgid "samba" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:476 +#, fuzzy +#| msgid "ad_domain (string)" +msgid "ad_gpo_map_batch (string)" +msgstr "ad_domain (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:479 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " +"policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:494 +#, no-wrap +msgid "" +" ad_gpo_map_batch = +my_pam_service, -crond\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:485 +#, fuzzy +#| msgid "" +#| "It is possible to add another attribute to this set by using <quote>" +#| "+attr_name</quote> or explicitly remove an attribute using <quote>-" +#| "attr_name</quote>. For example, to allow <quote>telephoneNumber</quote> " +#| "but deny <quote>loginShell</quote>, you would use the following " +#| "configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>crond</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" +"Ви можете додати інший атрибут до цього набору за допомогою параметра " +"«+назва_атрибута» або явним чином виключити атрибут за допомогою параметра «-" +"назва_атрибута». Наприклад, щоб дозволити «telephoneNumber», але заборонити " +"«loginShell», вам слід скористатися такими налаштуваннями: <placeholder type=" +"\"programlisting\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:502 +msgid "crond" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:511 +#, fuzzy +#| msgid "ldap_service_name (string)" +msgid "ad_gpo_map_service (string)" +msgstr "ldap_service_name (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:514 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the ServiceLogonRight and " +"DenyServiceLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:528 +#, no-wrap +msgid "" +" ad_gpo_map_service = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:520 sssd-ad.5.xml:585 +#, fuzzy +#| msgid "" +#| "It is possible to add another attribute to this set by using <quote>" +#| "+attr_name</quote> or explicitly remove an attribute using <quote>-" +#| "attr_name</quote>. For example, to allow <quote>telephoneNumber</quote> " +#| "but deny <quote>loginShell</quote>, you would use the following " +#| "configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgid "" +"It is possible to add a PAM service name to the default set by using <quote>" +"+service_name</quote>. Since the default set is empty, it is not possible " +"to remove a PAM service name from the default set. For example, in order to " +"add a custom pam service name (e.g. <quote>my_pam_service</quote>), you " +"would use the following configuration: <placeholder type=\"programlisting\" " +"id=\"0\"/>" +msgstr "" +"Ви можете додати інший атрибут до цього набору за допомогою параметра " +"«+назва_атрибута» або явним чином виключити атрибут за допомогою параметра «-" +"назва_атрибута». Наприклад, щоб дозволити «telephoneNumber», але заборонити " +"«loginShell», вам слід скористатися такими налаштуваннями: <placeholder type=" +"\"programlisting\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:538 +#, fuzzy +#| msgid "ad_domain (string)" +msgid "ad_gpo_map_permit (string)" +msgstr "ad_domain (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:541 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always granted, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:555 +#, no-wrap +msgid "" +" ad_gpo_map_permit = +my_pam_service, -sudo\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:546 +#, fuzzy +#| msgid "" +#| "It is possible to add another attribute to this set by using <quote>" +#| "+attr_name</quote> or explicitly remove an attribute using <quote>-" +#| "attr_name</quote>. For example, to allow <quote>telephoneNumber</quote> " +#| "but deny <quote>loginShell</quote>, you would use the following " +#| "configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for unconditionally permitted " +"access (e.g. <quote>sudo</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" +"Ви можете додати інший атрибут до цього набору за допомогою параметра " +"«+назва_атрибута» або явним чином виключити атрибут за допомогою параметра «-" +"назва_атрибута». Наприклад, щоб дозволити «telephoneNumber», але заборонити " +"«loginShell», вам слід скористатися такими налаштуваннями: <placeholder type=" +"\"programlisting\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:563 +#, fuzzy +#| msgid "sssd-sudo" +msgid "sudo" +msgstr "sssd-sudo" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:568 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:577 +#, fuzzy +#| msgid "ad_domain (string)" +msgid "ad_gpo_map_deny (string)" +msgstr "ad_domain (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:580 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always denied, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:593 +#, no-wrap +msgid "" +" ad_gpo_map_deny = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:603 +#, fuzzy +#| msgid "ldap_default_authtok (string)" +msgid "ad_gpo_default_right (string)" +msgstr "ldap_default_authtok (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:606 +msgid "" +"This option defines how access control is evaluated for PAM service names " +"that are not explicitly listed in one of the ad_gpo_map_* options. This " +"option can be set in two different manners. First, this option can be set to " +"use a default logon right. For example, if this option is set to " +"'interactive', it means that unmapped PAM service names will be processed " +"based on the InteractiveLogonRight and DenyInteractiveLogonRight policy " +"settings. Alternatively, this option can be set to either always permit or " +"always deny access for unmapped PAM service names." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:619 +#, fuzzy +#| msgid "There are three supported values for this option:" +msgid "Supported values for this option include:" +msgstr "У цього параметра є три підтримуваних значення:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:623 +msgid "interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:628 +msgid "remote_interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:633 +msgid "network" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:638 +msgid "batch" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:643 +#, fuzzy +#| msgid "services" +msgid "service" +msgstr "services" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:648 +msgid "permit" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:653 +msgid "deny" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:659 +#, fuzzy +#| msgid "Default: cn" +msgid "Default: deny" +msgstr "Типове значення: cn" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:668 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -7915,22 +8520,22 @@ msgstr "" "якщо цю адресу не було змінено за допомогою параметра «dyndns_iface»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:353 +#: sssd-ad.5.xml:698 msgid "Default: 3600 (seconds)" msgstr "Типове значення: 3600 (секунд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:712 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "Типове значення: використовувати IP-адресу з’єднання LDAP AD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:419 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:764 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "krb5_use_enterprise_principal (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:422 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:767 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." @@ -7940,7 +8545,7 @@ msgstr "" "реєстраційні дані." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:449 +#: sssd-ad.5.xml:794 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -7951,7 +8556,7 @@ msgstr "" "У прикладі продемонстровано лише параметри доступу, специфічні для засобу AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:456 +#: sssd-ad.5.xml:801 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -7975,7 +8580,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:476 +#: sssd-ad.5.xml:821 #, no-wrap msgid "" "access_provider = ldap\n" @@ -7987,7 +8592,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:817 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -7999,10 +8604,18 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:482 +#: sssd-ad.5.xml:827 +#, fuzzy +#| msgid "" +#| "However, unless the <quote>ad</quote> access control provider is " +#| "explicitly configured, the default access provider is <quote>permit</" +#| "quote>." msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " -"configured, the default access provider is <quote>permit</quote>." +"configured, the default access provider is <quote>permit</quote>. Please " +"note that if you configure an access provider other than <quote>ad</quote>, " +"you need to set all the connection parameters (such as LDAP URIs and " +"encryption details) manually." msgstr "" "Втім, якщо інструмент керування наданням доступу «ad» не налаштовано явно, " "типовим інструментом надання доступу є «permit»." @@ -8496,28 +9109,33 @@ msgstr "SIGUSR1" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." +"Tells the SSSD to simulate offline operation for the duration of the " +"<quote>offline_timeout</quote> parameter. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" -"Наказує SSSD імітувати роботу у автономному режимі протягом однієї хвилини. " -"Найкориснішим застосуванням є тестування служби." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 +#: sssd.8.xml:182 msgid "SIGUSR2" msgstr "SIGUSR2" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 +#: sssd.8.xml:185 +#, fuzzy +#| msgid "" +#| "Tells the SSSD to go online immediately. This is mostly useful for " +#| "testing purposes." msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." +"Tells the SSSD to go online immediately. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" "Наказує SSSD перейти у режим роботи у мережі негайно. Найкориснішим " "застосуванням є тестування служби." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 +#: sssd.8.xml:197 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -9976,6 +10594,47 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:162 +#, fuzzy +#| msgid "" +#| "<option>-u</option>,<option>--user</option> <replaceable>login</" +#| "replaceable>" +msgid "" +"<option>-h</option>,<option>--ssh-host</option> <replaceable>hostname</" +"replaceable>" +msgstr "" +"<option>-u</option>,<option>--user</option> <replaceable>реєстраційні дані</" +"replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:167 +#, fuzzy +#| msgid "Invalidate specific user." +msgid "Invalidate SSH public keys of a specific host." +msgstr "Скасувати визначення вказаного користувача." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:173 +#, fuzzy +#| msgid "<option>-s</option>,<option>--stdin</option>" +msgid "<option>-H</option>,<option>--ssh-hosts</option>" +msgstr "<option>-s</option>,<option>--stdin</option>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:177 +#, fuzzy +#| msgid "" +#| "Invalidate all autofs maps. This option overrides invalidation of " +#| "specific map if it was also set." +msgid "" +"Invalidate SSH public keys of all hosts. This option overrides invalidation " +"of SSH public keys of specific host if it was also set." +msgstr "" +"Скасувати визначення всіх записів карт autofs. Цей параметр має вищий " +"пріоритет за параметр скасування визначення для будь-якої карти, якщо такий " +"параметр вказано." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:185 msgid "" "<option>-d</option>,<option>--domain</option> <replaceable>domain</" "replaceable>" @@ -9984,7 +10643,7 @@ msgstr "" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_cache.8.xml:167 +#: sss_cache.8.xml:190 msgid "Restrict invalidation process only to a particular domain." msgstr "Обмежити процедуру скасування визначення лише певним доменом." @@ -10354,6 +11013,182 @@ msgstr "" "Типове значення: не встановлено. Дозволено лише типовий набір атрибутів " "POSIX." +#. type: Content of: <reference><refentry><refentryinfo> +#: sss_rpcidmapd.5.xml:8 +msgid "" +"<productname>sss rpc.idmapd plugin</productname> <author> <firstname>Noam</" +"firstname> <surname>Meltzer</surname> <affiliation> <orgname>Primary Data " +"Inc.</orgname> </affiliation> <contrib>Developer (2013-2014)</contrib> </" +"author> <author> <firstname>Noam</firstname> <surname>Meltzer</surname> " +"<contrib>Developer (2014-)</contrib> <email>tsnoam@gmail.com</email> </" +"author>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_rpcidmapd.5.xml:26 sss_rpcidmapd.5.xml:32 +#, fuzzy +#| msgid "sss_groupmod" +msgid "sss_rpcidmapd" +msgstr "sss_groupmod" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_rpcidmapd.5.xml:33 +msgid "sss plugin configuration directives for rpc.idmapd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:37 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "CONFIGURATION FILE" +msgstr "ПАРАМЕТРИ НАЛАШТУВАННЯ" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:39 +#, fuzzy +#| msgid "" +#| "Specifies acceptable cipher suites. Typically this is a colon sperated " +#| "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " +#| "<manvolnum>5</manvolnum></citerefentry> for format." +msgid "" +"rpc.idmapd configuration file is usually found at <emphasis>/etc/idmapd." +"conf</emphasis>. See <citerefentry> <refentrytitle>idmapd.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more information." +msgstr "" +"Визначає прийнятні комплекти програм для шифрування. Записи у типовому " +"списку слід відокремлювати комами. З форматом можна ознайомитися на сторінці " +"довідника до <citerefentry><refentrytitle>ldap.conf</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry>." + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:49 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "SSS CONFIGURATION EXTENSION" +msgstr "ПАРАМЕТРИ НАЛАШТУВАННЯ" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:51 +msgid "Enable SSS plugin" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:53 +msgid "" +"In section <quote>[Translation]</quote>, modify/set <quote>Method</quote> " +"attribute to contain <emphasis>sss</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:59 +#, fuzzy +#| msgid "The [sssd] section" +msgid "[sss] config section" +msgstr "Розділ [sssd]" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:61 +msgid "" +"In order to change the default of one of the configuration attributes of the " +"<emphasis>sss</emphasis> plugin listed below you will need to create a " +"config section for it, named <quote>[sss]</quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> +#: sss_rpcidmapd.5.xml:67 +#, fuzzy +#| msgid "Configuration" +msgid "Configuration attributes" +msgstr "Налаштування" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sss_rpcidmapd.5.xml:69 +#, fuzzy +#| msgid "enumerate (bool)" +msgid "memcache (bool)" +msgstr "enumerate (булеве значення)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sss_rpcidmapd.5.xml:72 +msgid "Indicates whether or not to use memcache optimisation technique." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:85 +msgid "SSSD INTEGRATION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:87 +msgid "" +"The sss plugin requires the <emphasis>NSS Responder</emphasis> to be enabled " +"in sssd." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:91 +msgid "" +"The attribute <quote>use_fully_qualified_names</quote> must be enabled on " +"all domains (NFSv4 clients expect a fully qualified name to be sent on the " +"wire)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_rpcidmapd.5.xml:103 +#, no-wrap +msgid "" +"[General]\n" +"Verbosity = 2\n" +"# domain must be synced between NFSv4 server and clients\n" +"# Solaris/Illumos/AIX use \"localdomain\" as default!\n" +"Domain = default\n" +"\n" +"[Mapping]\n" +"Nobody-User = nfsnobody\n" +"Nobody-Group = nfsnobody\n" +"\n" +"[Translation]\n" +"Method = sss\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:100 +#, fuzzy +#| msgid "" +#| "The following expansions are supported: <placeholder type=\"variablelist" +#| "\" id=\"0\"/>" +msgid "" +"The following example shows a minimal idmapd.conf which makes use of the sss " +"plugin. <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" +"Передбачено використання таких замінників: <placeholder type=\"variablelist" +"\" id=\"0\"/>" + +#. type: Content of: <refsect1><title> +#: sss_rpcidmapd.5.xml:120 include/seealso.xml:2 +msgid "SEE ALSO" +msgstr "ТАКОЖ ПЕРЕГЛЯНЬТЕ" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:122 +#, fuzzy +#| msgid "" +#| "This manual page describes how to configure <citerefentry> " +#| "<refentrytitle>sudo</refentrytitle> <manvolnum>8</manvolnum> </" +#| "citerefentry> to work with <citerefentry> <refentrytitle>sssd</" +#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> and how SSSD " +#| "caches sudo rules." +msgid "" +"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>idmapd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>" +msgstr "" +"На цій сторінці підручника описано способи налаштовування <citerefentry> " +"<refentrytitle>sudo</refentrytitle> <manvolnum>8</manvolnum> </citerefentry> " +"на роботу у комплексі з <citerefentry> <refentrytitle>sssd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> та способи кешування правил sudo у " +"SSSD." + #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 msgid "sss_ssh_authorizedkeys" @@ -11458,13 +12293,49 @@ msgstr "" "<command>sss_user*</command> та <command>sss_group*</command> використовують " "для зберігання записів користувачів і груп локальне сховище даних LDB." -#. type: Content of: <refsect1><title> -#: include/seealso.xml:2 -msgid "SEE ALSO" -msgstr "ТАКОЖ ПЕРЕГЛЯНЬТЕ" - #. type: Content of: <refsect1><para> #: include/seealso.xml:4 +#, fuzzy +#| msgid "" +#| "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</" +#| "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" +#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" +#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sssd-simple</refentrytitle><manvolnum>5</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sssd-ipa</" +#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sssd-ad</refentrytitle><manvolnum>5</manvolnum> </" +#| "citerefentry>, <phrase condition=\"with_sudo\"> <citerefentry> " +#| "<refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry>, </phrase> <citerefentry> <refentrytitle>sss_cache</" +#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sss_debuglevel</refentrytitle><manvolnum>8</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" +#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" +#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" +#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" +#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sss_obfuscate</refentrytitle><manvolnum>8</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sss_seed</" +#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sssd_krb5_locator_plugin</refentrytitle><manvolnum>8</" +#| "manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> " +#| "<citerefentry> <refentrytitle>sss_ssh_authorizedkeys</refentrytitle> " +#| "<manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</" +#| "manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> " +#| "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" +#| "manvolnum> </citerefentry>, </phrase> <citerefentry> " +#| "<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" +#| "citerefentry>." msgid "" "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" @@ -11503,7 +12374,9 @@ msgid "" "manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> " "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>. <citerefentry> " +"<refentrytitle>sss_rpcidmapd</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>" msgstr "" "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" @@ -11717,3 +12590,47 @@ msgstr "" #: include/homedir_substring.xml:15 msgid "Default: /home" msgstr "Типове значення: /home" + +#~ msgid "" +#~ "If SSSD is in offline mode, and last attempt to go online was less than " +#~ "number of seconds specified in this option ago, new requests for data " +#~ "will not result in attempt to go online." +#~ msgstr "" +#~ "Якщо SSSD працює у автономному режимі і остання спроба встановити зв’язок " +#~ "з мережею виконувалася менше ніж за вказану кількість секунд тому, нові " +#~ "запити щодо отримання даних не призводитимуть до спроб встановити " +#~ "з’єднання з мережею." + +#~ msgid "ldap_user_uuid (string)" +#~ msgstr "ldap_user_uuid (рядок)" + +#~ msgid "" +#~ "The LDAP attribute that contains the UUID/GUID of an LDAP user object." +#~ msgstr "Атрибут LDAP, що містить UUID/GUID об’єкта користувача LDAP." + +#~ msgid "Default: nsUniqueId" +#~ msgstr "Типове значення: nsUniqueId" + +#~ msgid "ldap_group_uuid (string)" +#~ msgstr "ldap_group_uuid (рядок)" + +#~ msgid "" +#~ "The LDAP attribute that contains the UUID/GUID of an LDAP group object." +#~ msgstr "Атрибут LDAP, що містить UUID/GUID об’єкта групи LDAP." + +#~ msgid "ldap_netgroup_uuid (string)" +#~ msgstr "ldap_netgroup_uuid (рядок)" + +#~ msgid "" +#~ "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." +#~ msgstr "Атрибут LDAP, що містить UUID/GUID об’єкта мережевої групи LDAP." + +#~ msgid "In IPA provider, ipa_netgroup_uuid should be used instead." +#~ msgstr "У надавачі даних IPA має бути використано ipa_netgroup_uuid." + +#~ msgid "" +#~ "Tells the SSSD to simulate offline operation for one minute. This is " +#~ "mostly useful for testing purposes." +#~ msgstr "" +#~ "Наказує SSSD імітувати роботу у автономному режимі протягом однієї " +#~ "хвилини. Найкориснішим застосуванням є тестування служби." diff --git a/src/man/po/zh_CN.po b/src/man/po/zh_CN.po index d8706dff5..ec8e71548 100644 --- a/src/man/po/zh_CN.po +++ b/src/man/po/zh_CN.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2014-07-09 19:18+0300\n" +"POT-Creation-Date: 2014-09-08 20:55+0300\n" "PO-Revision-Date: 2014-06-04 18:04+0000\n" "Last-Translator: jhrozek <jhrozek@redhat.com>\n" "Language-Team: Chinese (China) (http://www.transifex.com/projects/p/sssd/" @@ -26,8 +26,8 @@ msgstr "" #: sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 #: sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 #: sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5 -#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_ssh_authorizedkeys.1.xml:5 -#: sss_ssh_knownhostsproxy.1.xml:5 +#: sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_rpcidmapd.5.xml:5 +#: sss_ssh_authorizedkeys.1.xml:5 sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" msgstr "SSSD 手册页面" @@ -129,14 +129,14 @@ msgstr "sssd.conf" #. type: Content of: <reference><refentry><refmeta><manvolnum> #: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 #: sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11 -#: sssd-ifp.5.xml:11 +#: sssd-ifp.5.xml:11 sss_rpcidmapd.5.xml:27 msgid "5" msgstr "5" #. type: Content of: <reference><refentry><refmeta><refmiscinfo> #: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 #: sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12 -#: sssd-ifp.5.xml:12 +#: sssd-ifp.5.xml:12 sss_rpcidmapd.5.xml:28 msgid "File Formats and Conventions" msgstr "" @@ -228,11 +228,11 @@ msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:79 sssd.conf.5.xml:511 sssd.conf.5.xml:873 -#: sssd-ldap.5.xml:1637 sssd-ldap.5.xml:1734 sssd-ldap.5.xml:1796 -#: sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2320 sssd-ldap.5.xml:2338 +#: sssd.conf.5.xml:79 sssd.conf.5.xml:554 sssd.conf.5.xml:916 +#: sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1756 +#: sssd-ldap.5.xml:2242 sssd-ldap.5.xml:2307 sssd-ldap.5.xml:2325 #: sssd-ipa.5.xml:356 sssd-ipa.5.xml:391 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:339 sssd-ad.5.xml:428 sssd-krb5.5.xml:490 +#: sssd-ad.5.xml:684 sssd-ad.5.xml:773 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "" @@ -247,16 +247,16 @@ msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:90 sssd.conf.5.xml:827 sssd.conf.5.xml:1845 -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:1511 sssd-ldap.5.xml:1530 -#: sssd-ldap.5.xml:1706 sssd-ldap.5.xml:2042 sssd-ipa.5.xml:139 +#: sssd.conf.5.xml:90 sssd.conf.5.xml:870 sssd.conf.5.xml:1933 +#: sssd-ldap.5.xml:678 sssd-ldap.5.xml:1471 sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1666 sssd-ldap.5.xml:2029 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:503 sssd-krb5.5.xml:257 #: sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2063 +#: sssd.conf.5.xml:67 sssd.conf.5.xml:101 sssd-ldap.5.xml:2050 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" @@ -278,7 +278,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1382 +#: sssd.conf.5.xml:111 sssd-ldap.5.xml:1342 msgid "Default: 10" msgstr "" @@ -293,7 +293,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:2017 msgid "Section parameters" msgstr "" @@ -330,19 +330,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:161 sssd.conf.5.xml:345 +#: sssd.conf.5.xml:161 sssd.conf.5.xml:370 msgid "reconnection_retries (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:164 sssd.conf.5.xml:348 +#: sssd.conf.5.xml:164 sssd.conf.5.xml:373 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:353 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:378 msgid "Default: 3" msgstr "默认: 3" @@ -362,7 +362,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 sssd.conf.5.xml:1658 +#: sssd.conf.5.xml:189 sssd.conf.5.xml:1719 msgid "re_expression (string)" msgstr "" @@ -382,12 +382,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:206 sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:206 sssd.conf.5.xml:1770 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:209 sssd.conf.5.xml:1773 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -395,39 +395,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:220 sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:220 sssd.conf.5.xml:1784 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:221 sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:221 sssd.conf.5.xml:1785 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:224 sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:224 sssd.conf.5.xml:1788 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:227 sssd.conf.5.xml:1730 +#: sssd.conf.5.xml:227 sssd.conf.5.xml:1791 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:233 sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:233 sssd.conf.5.xml:1797 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:236 sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:236 sssd.conf.5.xml:1800 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:217 sssd.conf.5.xml:1781 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -525,12 +525,42 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:319 sssd-ldap.5.xml:662 sssd-ldap.5.xml:1470 -#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1564 sssd-krb5.5.xml:401 -#: include/ldap_id_mapping.xml:203 include/ldap_id_mapping.xml:214 +#: sssd.conf.5.xml:319 sssd-ldap.5.xml:649 sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1442 sssd-ldap.5.xml:1524 sssd-ad.5.xml:532 +#: sssd-ad.5.xml:597 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:203 +#: include/ldap_id_mapping.xml:214 msgid "Default: not set" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:324 +msgid "override_space (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:327 +msgid "" +"This parameter will replace spaces (space bar) with the given character for " +"user and group names. e.g. (_). User name "john doe" will be " +""john_doe" This feature was added to help compatibility with shell " +"scripts that have difficulty handling spaces, due to the default field " +"separator in the shell." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:336 +msgid "" +"Please note it is a configuration error to use a replacement character that " +"might be used in user or group names. If a name contains the replacement " +"character SSSD tries to return the unmodified name but in general the result " +"of a lookup is undefined." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:344 +msgid "Default: not set (spaces will not be replaced)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:126 msgid "" @@ -543,12 +573,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:355 msgid "SERVICES SECTIONS" msgstr "服务部分" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:332 +#: sssd.conf.5.xml:357 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -557,22 +587,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:364 msgid "General service configuration options" msgstr "基本服务配置选项" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:341 +#: sssd.conf.5.xml:366 msgid "These options can be used to configure any service." msgstr "这些选项可被用于配置任何服务。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:383 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:361 +#: sssd.conf.5.xml:386 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -582,17 +612,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:370 +#: sssd.conf.5.xml:395 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:375 +#: sssd.conf.5.xml:400 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:378 +#: sssd.conf.5.xml:403 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -600,19 +630,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:385 sssd.conf.5.xml:401 sssd.conf.5.xml:415 -#: sssd.conf.5.xml:632 sssd.conf.5.xml:792 sssd.conf.5.xml:1068 -#: sssd-ldap.5.xml:1212 +#: sssd.conf.5.xml:410 sssd.conf.5.xml:426 sssd.conf.5.xml:458 +#: sssd.conf.5.xml:675 sssd.conf.5.xml:835 sssd.conf.5.xml:1111 +#: sssd-ldap.5.xml:1172 msgid "Default: 60" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:415 sssd.conf.5.xml:1100 msgid "force_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:393 sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1103 msgid "" "If a service is not responding to ping checks (see the <quote>timeout</" "quote> option), it is first sent the SIGTERM signal that instructs it to " @@ -622,53 +652,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 +#: sssd.conf.5.xml:431 msgid "offline_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:409 +#: sssd.conf.5.xml:434 +msgid "" +"When SSSD switches to offline mode the amount of time before it tries to go " +"back online will increase based upon the time spent disconnected. This " +"value is in seconds and calculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:441 +msgid "offline_timeout + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:444 +msgid "" +"The random offset can increment up to 30 seconds. After each unsuccessful " +"attempt to go online, the new interval is recalculated by the following:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:449 +msgid "new_interval = old_interval*2 + random_offset" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:452 msgid "" -"If SSSD is in offline mode, and last attempt to go online was less than " -"number of seconds specified in this option ago, new requests for data will " -"not result in attempt to go online." +"Note that the maximum length of each interval is currently limited to one " +"hour. If the calculated length of new_interval is greater than an hour, it " +"will be forced to one hour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:467 msgid "NSS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:426 +#: sssd.conf.5.xml:469 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:431 +#: sssd.conf.5.xml:474 msgid "enum_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:434 +#: sssd.conf.5.xml:477 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:481 msgid "Default: 120" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:443 +#: sssd.conf.5.xml:486 msgid "entry_cache_nowait_percentage (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:446 +#: sssd.conf.5.xml:489 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -676,7 +731,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:452 +#: sssd.conf.5.xml:495 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -686,7 +741,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:462 +#: sssd.conf.5.xml:505 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -695,17 +750,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:470 +#: sssd.conf.5.xml:513 msgid "Default: 50" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:518 msgid "entry_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:478 +#: sssd.conf.5.xml:521 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -713,17 +768,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:484 sssd.conf.5.xml:851 +#: sssd.conf.5.xml:527 sssd.conf.5.xml:894 msgid "Default: 15" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:489 +#: sssd.conf.5.xml:532 msgid "filter_users, filter_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:492 +#: sssd.conf.5.xml:535 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set per-" @@ -732,41 +787,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:499 +#: sssd.conf.5.xml:542 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:504 +#: sssd.conf.5.xml:547 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:507 +#: sssd.conf.5.xml:550 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:561 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:521 +#: sssd.conf.5.xml:564 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:569 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:532 +#: sssd.conf.5.xml:575 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -774,22 +829,22 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:530 include/override_homedir.xml:51 +#: sssd.conf.5.xml:573 include/override_homedir.xml:51 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:579 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:542 +#: sssd.conf.5.xml:585 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:545 +#: sssd.conf.5.xml:588 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -797,186 +852,186 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 +#: sssd.conf.5.xml:594 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:557 +#: sssd.conf.5.xml:600 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:560 +#: sssd.conf.5.xml:603 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:563 +#: sssd.conf.5.xml:606 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:567 +#: sssd.conf.5.xml:610 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:572 +#: sssd.conf.5.xml:615 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:577 +#: sssd.conf.5.xml:620 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:580 +#: sssd.conf.5.xml:623 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:627 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:589 +#: sssd.conf.5.xml:632 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:592 +#: sssd.conf.5.xml:635 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:597 +#: sssd.conf.5.xml:640 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:643 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:604 +#: sssd.conf.5.xml:647 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:652 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:655 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:618 +#: sssd.conf.5.xml:661 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:625 sssd.conf.5.xml:785 +#: sssd.conf.5.xml:668 sssd.conf.5.xml:828 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 sssd.conf.5.xml:788 +#: sssd.conf.5.xml:671 sssd.conf.5.xml:831 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:637 +#: sssd.conf.5.xml:680 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:640 +#: sssd.conf.5.xml:683 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 sssd-ldap.5.xml:702 +#: sssd.conf.5.xml:687 sssd-ldap.5.xml:692 msgid "Default: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:651 +#: sssd.conf.5.xml:694 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:653 +#: sssd.conf.5.xml:696 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:701 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:704 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 sssd.conf.5.xml:679 +#: sssd.conf.5.xml:709 sssd.conf.5.xml:722 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:672 +#: sssd.conf.5.xml:715 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:675 +#: sssd.conf.5.xml:718 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:685 +#: sssd.conf.5.xml:728 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:688 +#: sssd.conf.5.xml:731 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:693 +#: sssd.conf.5.xml:736 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -984,59 +1039,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 sssd.conf.5.xml:752 +#: sssd.conf.5.xml:742 sssd.conf.5.xml:795 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:705 +#: sssd.conf.5.xml:748 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:751 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:713 +#: sssd.conf.5.xml:756 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:716 +#: sssd.conf.5.xml:759 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:719 +#: sssd.conf.5.xml:762 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:723 +#: sssd.conf.5.xml:766 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:769 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:730 sssd.8.xml:63 +#: sssd.conf.5.xml:773 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:735 +#: sssd.conf.5.xml:778 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:738 +#: sssd.conf.5.xml:781 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1044,7 +1099,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:744 +#: sssd.conf.5.xml:787 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1053,17 +1108,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:758 +#: sssd.conf.5.xml:801 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:761 sssd.conf.5.xml:1235 +#: sssd.conf.5.xml:804 sssd.conf.5.xml:1292 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:807 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1071,31 +1126,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 sssd.conf.5.xml:1238 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1295 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:818 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 sssd.8.xml:79 +#: sssd.conf.5.xml:823 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:800 +#: sssd.conf.5.xml:843 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:845 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1106,34 +1161,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:862 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:822 +#: sssd.conf.5.xml:865 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:878 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:880 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:884 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:887 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1141,51 +1196,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:903 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:862 +#: sssd.conf.5.xml:905 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:866 +#: sssd.conf.5.xml:909 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:869 +#: sssd.conf.5.xml:912 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:921 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:881 +#: sssd.conf.5.xml:924 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:928 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:893 +#: sssd.conf.5.xml:936 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:938 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1197,7 +1252,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:904 +#: sssd.conf.5.xml:947 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1208,24 +1263,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:955 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:961 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:922 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:965 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:968 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1233,12 +1288,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:974 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:978 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1247,24 +1302,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:949 +#: sssd.conf.5.xml:992 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:999 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:1002 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:964 +#: sssd.conf.5.xml:1007 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1273,47 +1328,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1014 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:1018 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:981 +#: sssd.conf.5.xml:1024 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:984 +#: sssd.conf.5.xml:1027 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:988 +#: sssd.conf.5.xml:1031 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 +#: sssd.conf.5.xml:1034 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 sssd.conf.5.xml:1212 sssd.conf.5.xml:1321 -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1037 sssd.conf.5.xml:1269 sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1395 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1040 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1325,14 +1380,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1053 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1015 +#: sssd.conf.5.xml:1058 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1341,39 +1396,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1023 +#: sssd.conf.5.xml:1066 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1074 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1081 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1082 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1085 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1086 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1077 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -1382,24 +1437,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 sssd-ldap.5.xml:1765 +#: sssd.conf.5.xml:1094 sssd-ldap.5.xml:1725 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1117 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1077 +#: sssd.conf.5.xml:1120 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1124 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -1410,137 +1465,150 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1094 +#: sssd.conf.5.xml:1137 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1100 +#: sssd.conf.5.xml:1143 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1103 +#: sssd.conf.5.xml:1146 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 sssd.conf.5.xml:1120 sssd.conf.5.xml:1133 -#: sssd.conf.5.xml:1146 sssd.conf.5.xml:1159 sssd.conf.5.xml:1173 +#: sssd.conf.5.xml:1150 sssd.conf.5.xml:1163 sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1202 sssd.conf.5.xml:1216 +#: sssd.conf.5.xml:1230 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1156 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1116 +#: sssd.conf.5.xml:1159 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1169 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1172 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1139 +#: sssd.conf.5.xml:1182 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1142 +#: sssd.conf.5.xml:1185 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1195 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1198 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 +#: sssd.conf.5.xml:1208 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1211 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1222 +msgid "entry_cache_ssh_host_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1225 +msgid "" +"How many seconds to keep a host ssh key after refresh. IE how long to cache " +"the host key for." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1236 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1239 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1187 +#: sssd.conf.5.xml:1244 msgid "Currently only refreshing expired netgroups is supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1248 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1195 sssd-ipa.5.xml:221 +#: sssd.conf.5.xml:1252 sssd-ipa.5.xml:221 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1201 +#: sssd.conf.5.xml:1258 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1261 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1208 +#: sssd.conf.5.xml:1265 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1217 +#: sssd.conf.5.xml:1274 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1220 +#: sssd.conf.5.xml:1277 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1549,17 +1617,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1284 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1232 +#: sssd.conf.5.xml:1289 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1243 +#: sssd.conf.5.xml:1300 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1568,33 +1636,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1307 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1256 +#: sssd.conf.5.xml:1313 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1259 +#: sssd.conf.5.xml:1316 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1320 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1266 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:1441 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1270 +#: sssd.conf.5.xml:1327 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1602,8 +1670,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 sssd.conf.5.xml:1364 sssd.conf.5.xml:1415 -#: sssd.conf.5.xml:1468 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1421 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1529 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1612,8 +1680,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 sssd.conf.5.xml:1373 sssd.conf.5.xml:1424 -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1344 sssd.conf.5.xml:1430 sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1538 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1621,19 +1689,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1355 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1301 +#: sssd.conf.5.xml:1358 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1363 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1642,7 +1710,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1371 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -1650,17 +1718,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1326 +#: sssd.conf.5.xml:1383 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1329 +#: sssd.conf.5.xml:1386 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1332 +#: sssd.conf.5.xml:1389 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -1668,19 +1736,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1343 +#: sssd.conf.5.xml:1400 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1346 +#: sssd.conf.5.xml:1403 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1469 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1688,7 +1756,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1414 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1696,30 +1764,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1438 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1445 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1387 +#: sssd.conf.5.xml:1448 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1393 +#: sssd.conf.5.xml:1454 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1396 +#: sssd.conf.5.xml:1457 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1727,19 +1795,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1463 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1466 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1493 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1748,24 +1816,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1439 +#: sssd.conf.5.xml:1500 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1444 +#: sssd.conf.5.xml:1505 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1508 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1452 +#: sssd.conf.5.xml:1513 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1773,7 +1841,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1521 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1781,35 +1849,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1546 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1550 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1553 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1560 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1502 +#: sssd.conf.5.xml:1563 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1506 +#: sssd.conf.5.xml:1567 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1817,32 +1885,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1514 +#: sssd.conf.5.xml:1575 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1579 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1522 +#: sssd.conf.5.xml:1583 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1525 sssd.conf.5.xml:1594 sssd.conf.5.xml:1626 -#: sssd.conf.5.xml:1651 +#: sssd.conf.5.xml:1586 sssd.conf.5.xml:1655 sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1712 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1590 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -1853,12 +1921,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1607 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1610 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -1866,7 +1934,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1555 +#: sssd.conf.5.xml:1616 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1874,31 +1942,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1624 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1566 +#: sssd.conf.5.xml:1627 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1633 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1636 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1581 +#: sssd.conf.5.xml:1642 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1906,23 +1974,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1651 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1601 +#: sssd.conf.5.xml:1662 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1604 +#: sssd.conf.5.xml:1665 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1669 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1930,7 +1998,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1615 +#: sssd.conf.5.xml:1676 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1938,24 +2006,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1623 +#: sssd.conf.5.xml:1684 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1694 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1697 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1640 +#: sssd.conf.5.xml:1701 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1963,12 +2031,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1709 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 +#: sssd.conf.5.xml:1722 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -1978,7 +2046,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:1731 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -1987,29 +2055,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1675 +#: sssd.conf.5.xml:1736 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1739 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1681 +#: sssd.conf.5.xml:1742 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1745 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1750 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -2017,7 +2085,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1695 +#: sssd.conf.5.xml:1756 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -2025,66 +2093,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 +#: sssd.conf.5.xml:1763 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1749 +#: sssd.conf.5.xml:1810 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1816 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1819 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1762 +#: sssd.conf.5.xml:1823 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1826 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1829 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1771 +#: sssd.conf.5.xml:1832 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1835 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1838 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1844 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1847 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -2092,62 +2160,95 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1792 sssd-ldap.5.xml:1196 sssd-ldap.5.xml:1238 -#: sssd-ldap.5.xml:1253 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1853 sssd-ldap.5.xml:1156 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1213 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1798 +#: sssd.conf.5.xml:1859 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1801 +#: sssd.conf.5.xml:1862 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1866 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1811 +#: sssd.conf.5.xml:1872 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1875 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1820 -msgid "case_sensitive (boolean)" +#: sssd.conf.5.xml:1881 +msgid "case_sensitive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1889 +msgid "True" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1892 +msgid "Case sensitive. This value is invalid for AD provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1898 +msgid "False" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1900 +msgid "Case insensitive." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1904 +msgid "Preserving" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1907 +msgid "" +"Same as False (case insensitive), but does not lowercase names in the output " +"of getpwnam and getgrnam." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1884 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." +"not supported in the local provider. Possible option values are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1828 sssd-ldap.5.xml:1020 sssd-ad.5.xml:397 -msgid "Default: True" +#: sssd.conf.5.xml:1916 +msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1922 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 +#: sssd.conf.5.xml:1925 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -2156,22 +2257,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1851 +#: sssd.conf.5.xml:1939 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1950 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1951 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1854 +#: sssd.conf.5.xml:1942 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -2181,29 +2282,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1956 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1960 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1877 +#: sssd.conf.5.xml:1965 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1880 +#: sssd.conf.5.xml:1968 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:994 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2211,29 +2312,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1893 +#: sssd.conf.5.xml:1981 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1896 +#: sssd.conf.5.xml:1984 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1899 +#: sssd.conf.5.xml:1987 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1995 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1998 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2241,19 +2342,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1977 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1922 +#: sssd.conf.5.xml:2010 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:2012 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2261,73 +2362,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1931 +#: sssd.conf.5.xml:2019 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:2022 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1938 +#: sssd.conf.5.xml:2026 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1943 +#: sssd.conf.5.xml:2031 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2034 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:2039 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1956 +#: sssd.conf.5.xml:2044 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2047 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1963 sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2051 sssd.conf.5.xml:2063 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1968 +#: sssd.conf.5.xml:2056 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:2059 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1980 +#: sssd.conf.5.xml:2068 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1983 +#: sssd.conf.5.xml:2071 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2335,17 +2436,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:2079 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:2084 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1999 +#: sssd.conf.5.xml:2087 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2354,17 +2455,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2009 +#: sssd.conf.5.xml:2097 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2102 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2105 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2372,17 +2473,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2112 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2117 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2032 +#: sssd.conf.5.xml:2120 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2390,18 +2491,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2126 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2048 sssd-ldap.5.xml:2489 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:552 sssd-ad.5.xml:447 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:2136 sssd-ldap.5.xml:2476 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:552 sssd-ad.5.xml:792 sssd-krb5.5.xml:519 +#: sss_rpcidmapd.5.xml:98 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2142 #, no-wrap msgid "" "[sssd]\n" @@ -2431,7 +2533,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2050 +#: sssd.conf.5.xml:2138 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2577,7 +2679,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:645 sssd-ad.5.xml:212 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:632 sssd-ad.5.xml:212 msgid "Examples:" msgstr "" @@ -2777,7 +2879,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:830 msgid "Default: gidNumber" msgstr "" @@ -2828,60 +2930,45 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:341 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:344 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:866 sssd-ldap.5.xml:1103 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:354 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:344 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:880 +#: sssd-ldap.5.xml:349 sssd-ldap.5.xml:857 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:369 +#: sssd-ldap.5.xml:356 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:890 sssd-ldap.5.xml:1112 +#: sssd-ldap.5.xml:359 sssd-ldap.5.xml:867 sssd-ldap.5.xml:1072 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:894 sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:363 sssd-ldap.5.xml:871 sssd-ldap.5.xml:1079 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:382 +#: sssd-ldap.5.xml:369 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:385 +#: sssd-ldap.5.xml:372 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2890,17 +2977,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:382 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:401 +#: sssd-ldap.5.xml:388 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:391 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2909,17 +2996,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:413 +#: sssd-ldap.5.xml:400 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:419 +#: sssd-ldap.5.xml:406 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:422 +#: sssd-ldap.5.xml:409 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2928,17 +3015,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 +#: sssd-ldap.5.xml:418 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 +#: sssd-ldap.5.xml:424 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 +#: sssd-ldap.5.xml:427 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2947,17 +3034,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 +#: sssd-ldap.5.xml:437 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 +#: sssd-ldap.5.xml:443 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 +#: sssd-ldap.5.xml:446 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -2966,17 +3053,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:469 +#: sssd-ldap.5.xml:456 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:475 +#: sssd-ldap.5.xml:462 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:478 +#: sssd-ldap.5.xml:465 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -2985,17 +3072,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:488 +#: sssd-ldap.5.xml:475 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:494 +#: sssd-ldap.5.xml:481 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:497 +#: sssd-ldap.5.xml:484 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -3003,155 +3090,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 +#: sssd-ldap.5.xml:490 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:509 +#: sssd-ldap.5.xml:496 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:512 +#: sssd-ldap.5.xml:499 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:518 +#: sssd-ldap.5.xml:505 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:524 +#: sssd-ldap.5.xml:511 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:519 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:538 +#: sssd-ldap.5.xml:525 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:528 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:546 +#: sssd-ldap.5.xml:533 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:552 +#: sssd-ldap.5.xml:539 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:542 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:547 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:553 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:556 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:573 sssd-ldap.5.xml:587 +#: sssd-ldap.5.xml:560 sssd-ldap.5.xml:574 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:579 +#: sssd-ldap.5.xml:566 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:582 +#: sssd-ldap.5.xml:569 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:593 +#: sssd-ldap.5.xml:580 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:583 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:601 +#: sssd-ldap.5.xml:588 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:607 +#: sssd-ldap.5.xml:594 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:597 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:614 +#: sssd-ldap.5.xml:601 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:620 +#: sssd-ldap.5.xml:607 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:623 +#: sssd-ldap.5.xml:610 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:628 +#: sssd-ldap.5.xml:615 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -3161,7 +3248,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:625 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -3169,46 +3256,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 +#: sssd-ldap.5.xml:635 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:638 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:642 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:645 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:655 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:671 +#: sssd-ldap.5.xml:658 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:662 +msgid "Default: sshPublicKey" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:668 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:671 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -3217,24 +3309,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:694 +#: sssd-ldap.5.xml:684 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 +#: sssd-ldap.5.xml:687 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 +#: sssd-ldap.5.xml:698 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 +#: sssd-ldap.5.xml:701 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -3242,53 +3334,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:707 msgid "Setting this option to zero will disable the cache cleanup operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:721 -msgid "Default: 10800 (12 hours)" +#: sssd-ldap.5.xml:711 +msgid "Default: 10800 (3 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:727 +#: sssd-ldap.5.xml:717 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:730 +#: sssd-ldap.5.xml:720 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 sssd-ldap.5.xml:827 sssd-ldap.5.xml:1053 -#: sssd-ldap.5.xml:1144 sssd-ldap.5.xml:2084 sssd-ldap.5.xml:2423 +#: sssd-ldap.5.xml:724 sssd-ldap.5.xml:817 sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1104 sssd-ldap.5.xml:2071 sssd-ldap.5.xml:2410 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:730 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:743 +#: sssd-ldap.5.xml:733 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:737 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:753 +#: sssd-ldap.5.xml:743 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:756 +#: sssd-ldap.5.xml:746 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -3296,14 +3388,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:763 +#: sssd-ldap.5.xml:753 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:758 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -3311,17 +3403,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:765 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:771 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:784 +#: sssd-ldap.5.xml:774 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -3329,14 +3421,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:790 +#: sssd-ldap.5.xml:780 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:785 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -3344,101 +3436,91 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:802 +#: sssd-ldap.5.xml:792 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:798 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 +#: sssd-ldap.5.xml:801 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:804 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:810 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:823 +#: sssd-ldap.5.xml:813 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:823 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:826 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:846 +#: sssd-ldap.5.xml:836 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:849 +#: sssd-ldap.5.xml:839 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:843 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:872 +#: sssd-ldap.5.xml:849 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:875 +#: sssd-ldap.5.xml:852 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:864 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:877 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:880 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:885 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -3446,17 +3528,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:914 +#: sssd-ldap.5.xml:891 msgid "Default: groupType in the AD provider, othewise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:921 +#: sssd-ldap.5.xml:898 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:924 +#: sssd-ldap.5.xml:901 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -3464,7 +3546,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:908 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -3474,7 +3556,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:940 +#: sssd-ldap.5.xml:917 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later it " @@ -3483,17 +3565,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:947 +#: sssd-ldap.5.xml:924 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:953 +#: sssd-ldap.5.xml:930 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:956 +#: sssd-ldap.5.xml:933 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3501,14 +3583,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:939 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 sssd-ldap.5.xml:994 +#: sssd-ldap.5.xml:944 sssd-ldap.5.xml:971 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3516,7 +3598,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:950 sssd-ldap.5.xml:977 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -3525,18 +3607,18 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 sssd-ldap.5.xml:1006 sssd-ldap.5.xml:1311 -#: sssd-ldap.5.xml:1332 sssd-ldap.5.xml:1838 include/ldap_id_mapping.xml:242 +#: sssd-ldap.5.xml:956 sssd-ldap.5.xml:983 sssd-ldap.5.xml:1271 +#: sssd-ldap.5.xml:1292 sssd-ldap.5.xml:1798 include/ldap_id_mapping.xml:242 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:985 +#: sssd-ldap.5.xml:962 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:988 +#: sssd-ldap.5.xml:965 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3544,184 +3626,173 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:989 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1015 +#: sssd-ldap.5.xml:992 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:997 sssd-ad.5.xml:742 sss_rpcidmapd.5.xml:76 +msgid "Default: True" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1003 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1006 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1009 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1013 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1019 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1045 +#: sssd-ldap.5.xml:1022 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1049 +#: sssd-ldap.5.xml:1026 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1059 +#: sssd-ldap.5.xml:1036 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1039 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1066 +#: sssd-ldap.5.xml:1043 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1047 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1053 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1056 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1116 +#: sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1076 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1086 +#: sssd-ldap.5.xml:1063 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1092 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1095 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1099 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1109 +#: sssd-ldap.5.xml:1069 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1088 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1131 +#: sssd-ldap.5.xml:1091 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1097 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1100 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1110 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1113 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1117 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1123 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1166 +#: sssd-ldap.5.xml:1126 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1130 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1176 +#: sssd-ldap.5.xml:1136 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1141 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -3729,7 +3800,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1190 +#: sssd-ldap.5.xml:1150 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -3737,12 +3808,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1162 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1205 +#: sssd-ldap.5.xml:1165 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -3750,12 +3821,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1178 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1181 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -3766,12 +3837,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1204 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:1207 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -3779,12 +3850,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1219 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1262 +#: sssd-ldap.5.xml:1222 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -3793,34 +3864,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:1230 sssd-ldap.5.xml:2228 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1236 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1239 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1284 +#: sssd-ldap.5.xml:1244 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1250 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1293 +#: sssd-ldap.5.xml:1253 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -3828,14 +3899,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1259 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1265 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -3843,17 +3914,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1277 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1280 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1323 +#: sssd-ldap.5.xml:1283 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -3863,12 +3934,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1298 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1301 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -3876,17 +3947,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1307 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1314 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1317 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -3894,13 +3965,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1323 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1327 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -3909,7 +3980,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1375 +#: sssd-ldap.5.xml:1335 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -3917,26 +3988,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1348 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 +#: sssd-ldap.5.xml:1351 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1397 +#: sssd-ldap.5.xml:1357 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1361 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3944,7 +4015,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1368 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3952,7 +4023,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1374 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -3960,41 +4031,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1380 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1424 +#: sssd-ldap.5.xml:1384 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1430 +#: sssd-ldap.5.xml:1390 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1393 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1438 sssd-ldap.5.xml:1456 sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1398 sssd-ldap.5.xml:1416 sssd-ldap.5.xml:1457 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1445 +#: sssd-ldap.5.xml:1405 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1448 +#: sssd-ldap.5.xml:1408 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -4003,32 +4074,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1463 +#: sssd-ldap.5.xml:1423 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1466 +#: sssd-ldap.5.xml:1426 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1436 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1439 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1448 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1451 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -4036,24 +4107,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1504 +#: sssd-ldap.5.xml:1464 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1477 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1480 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -4061,17 +4132,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1486 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1496 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1499 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -4082,29 +4153,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 +#: sssd-ldap.5.xml:1511 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1517 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1530 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1533 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -4113,17 +4184,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1541 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1547 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1590 +#: sssd-ldap.5.xml:1550 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -4131,49 +4202,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1556 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1602 +#: sssd-ldap.5.xml:1562 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1605 +#: sssd-ldap.5.xml:1565 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1570 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1576 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1619 +#: sssd-ldap.5.xml:1579 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1622 +#: sssd-ldap.5.xml:1582 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1628 +#: sssd-ldap.5.xml:1588 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1631 +#: sssd-ldap.5.xml:1591 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -4181,27 +4252,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1643 +#: sssd-ldap.5.xml:1603 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1606 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 sssd-ad.5.xml:383 +#: sssd-ldap.5.xml:1610 sssd-ad.5.xml:728 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 +#: sssd-ldap.5.xml:1619 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4213,7 +4284,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1671 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1631 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4221,7 +4292,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1636 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4229,39 +4300,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1685 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1645 sssd-ipa.5.xml:366 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1688 +#: sssd-ldap.5.xml:1648 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1651 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1697 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1657 sssd-ipa.5.xml:381 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1660 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1712 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1672 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1715 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1675 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4271,7 +4342,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1726 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1686 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4279,26 +4350,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1740 +#: sssd-ldap.5.xml:1700 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1703 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1708 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1753 +#: sssd-ldap.5.xml:1713 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4306,7 +4377,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1759 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4314,31 +4385,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1768 +#: sssd-ldap.5.xml:1728 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1736 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1739 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1743 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1788 +#: sssd-ldap.5.xml:1748 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4347,56 +4418,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1762 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 +#: sssd-ldap.5.xml:1765 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1809 +#: sssd-ldap.5.xml:1769 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1775 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1778 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1823 +#: sssd-ldap.5.xml:1783 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1789 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1792 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1804 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1847 +#: sssd-ldap.5.xml:1807 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4412,12 +4483,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1867 +#: sssd-ldap.5.xml:1827 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1870 +#: sssd-ldap.5.xml:1830 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4426,14 +4497,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1874 +#: sssd-ldap.5.xml:1834 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1839 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4442,24 +4513,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1887 sssd-ldap.5.xml:1944 +#: sssd-ldap.5.xml:1847 sssd-ldap.5.xml:1904 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1853 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1856 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1900 +#: sssd-ldap.5.xml:1860 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4467,19 +4538,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1907 +#: sssd-ldap.5.xml:1867 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1910 +#: sssd-ldap.5.xml:1870 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1875 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4488,7 +4559,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1922 +#: sssd-ldap.5.xml:1882 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4496,7 +4567,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1928 +#: sssd-ldap.5.xml:1888 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4505,7 +4576,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1897 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -4513,108 +4584,140 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1910 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1953 +#: sssd-ldap.5.xml:1913 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1917 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:1920 +msgid "" +"<emphasis>lockout</emphasis>: use account locking. If set, this option " +"denies access in case that ldap attribute 'pwdAccountLockedTime' is present " +"and has value of '000001010000Z'. Please see the option ldap_pwdlockout_dn." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1927 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1931 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1969 +#: sssd-ldap.5.xml:1936 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:1940 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1943 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1983 +#: sssd-ldap.5.xml:1950 +msgid "ldap_pwdlockout_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1953 +msgid "" +"This option specifies the DN of password policy entry on LDAP server. Please " +"note that absence of this option in sssd.conf in case of enabled account " +"lockout checking will yield access denied as ppolicy attributes on LDAP " +"server cannot be checked properly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1961 +msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1964 +msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1970 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:1973 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:1978 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:1982 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:1987 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2005 +#: sssd-ldap.5.xml:1992 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2010 +#: sssd-ldap.5.xml:1997 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2018 +#: sssd-ldap.5.xml:2005 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2008 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2012 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -4625,7 +4728,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2036 +#: sssd-ldap.5.xml:2023 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -4643,12 +4746,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2052 +#: sssd-ldap.5.xml:2039 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2054 +#: sssd-ldap.5.xml:2041 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -4656,208 +4759,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2052 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2055 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2071 +#: sssd-ldap.5.xml:2058 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2064 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2067 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2090 +#: sssd-ldap.5.xml:2077 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2080 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2097 +#: sssd-ldap.5.xml:2084 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2103 +#: sssd-ldap.5.xml:2090 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2093 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2111 +#: sssd-ldap.5.xml:2098 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2117 +#: sssd-ldap.5.xml:2104 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2120 +#: sssd-ldap.5.xml:2107 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2111 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2130 +#: sssd-ldap.5.xml:2117 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2133 +#: sssd-ldap.5.xml:2120 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2137 +#: sssd-ldap.5.xml:2124 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2143 +#: sssd-ldap.5.xml:2130 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2146 +#: sssd-ldap.5.xml:2133 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2150 +#: sssd-ldap.5.xml:2137 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2143 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2146 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2150 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2156 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2159 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2176 +#: sssd-ldap.5.xml:2163 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2182 +#: sssd-ldap.5.xml:2169 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2172 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2177 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2196 +#: sssd-ldap.5.xml:2183 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2199 +#: sssd-ldap.5.xml:2186 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2203 +#: sssd-ldap.5.xml:2190 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:2196 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2199 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2204 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2209 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2215 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2218 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4865,101 +4968,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2237 +#: sssd-ldap.5.xml:2224 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2234 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2237 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2248 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2264 +#: sssd-ldap.5.xml:2251 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2269 +#: sssd-ldap.5.xml:2256 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2297 sssd-ldap.5.xml:2315 -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2261 sssd-ldap.5.xml:2284 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2320 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2279 sssd-ldap.5.xml:2302 +#: sssd-ldap.5.xml:2266 sssd-ldap.5.xml:2289 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2285 +#: sssd-ldap.5.xml:2272 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2288 +#: sssd-ldap.5.xml:2275 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2293 +#: sssd-ldap.5.xml:2280 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2295 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2311 +#: sssd-ldap.5.xml:2298 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2326 +#: sssd-ldap.5.xml:2313 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2316 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2345 +#: sssd-ldap.5.xml:2332 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4968,91 +5071,91 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2342 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2344 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2350 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2366 +#: sssd-ldap.5.xml:2353 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2369 +#: sssd-ldap.5.xml:2356 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2376 +#: sssd-ldap.5.xml:2363 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2379 sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2366 sssd-ldap.5.xml:2392 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 sssd-ldap.5.xml:2409 +#: sssd-ldap.5.xml:2369 sssd-ldap.5.xml:2396 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2376 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2379 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2382 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2402 +#: sssd-ldap.5.xml:2389 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2416 +#: sssd-ldap.5.xml:2403 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2419 sssd-ldap.5.xml:2433 +#: sssd-ldap.5.xml:2406 sssd-ldap.5.xml:2420 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2430 +#: sssd-ldap.5.xml:2417 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2437 +#: sssd-ldap.5.xml:2424 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2361 +#: sssd-ldap.5.xml:2348 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -5061,37 +5164,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2434 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2441 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2459 +#: sssd-ldap.5.xml:2446 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2451 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2469 +#: sssd-ldap.5.xml:2456 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2461 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2449 +#: sssd-ldap.5.xml:2436 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -5099,7 +5202,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2491 +#: sssd-ldap.5.xml:2478 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -5107,7 +5210,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2484 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -5120,20 +5223,20 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2496 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 -#: sssd-ad.5.xml:455 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2483 sssd-simple.5.xml:139 sssd-ipa.5.xml:560 +#: sssd-ad.5.xml:800 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2509 sssd_krb5_locator_plugin.8.xml:61 -#: sssd-simple.5.xml:148 sssd-ad.5.xml:470 sssd.8.xml:191 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2496 sssd_krb5_locator_plugin.8.xml:61 +#: sssd-simple.5.xml:148 sssd-ad.5.xml:815 sssd.8.xml:195 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2498 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5615,7 +5718,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:320 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:665 msgid "dyndns_update (boolean)" msgstr "" @@ -5630,7 +5733,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:334 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:679 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -5645,12 +5748,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:345 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:690 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:348 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:693 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -5671,12 +5774,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:359 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:704 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:362 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:707 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -5718,12 +5821,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:373 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:718 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:376 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:721 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -5731,12 +5834,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:389 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:734 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:392 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:737 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -5755,19 +5858,19 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:403 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:748 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:406 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:751 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:410 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:755 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -5861,7 +5964,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:359 sssd-ad.5.xml:776 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -5948,7 +6051,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:441 sssd-ipa.5.xml:457 sssd-ad.5.xml:330 msgid "Default: 5 (seconds)" msgstr "" @@ -6402,9 +6505,376 @@ msgstr "" msgid "Default: permissive" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:320 +msgid "ad_gpo_cache_timeout (integer)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:323 msgid "" +"The amount of time between lookups of GPO policy files against the AD " +"server. This will reduce the latency and load on the AD server if there are " +"many access-control requests made in a short period." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:336 +msgid "ad_gpo_map_interactive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:339 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the InteractiveLogonRight and " +"DenyInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:354 +#, no-wrap +msgid "" +" ad_gpo_map_interactive = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:345 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>login</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:358 sssd-ad.5.xml:423 sssd-ad.5.xml:458 sssd-ad.5.xml:498 +#: sssd-ad.5.xml:559 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:362 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:367 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:372 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:377 +msgid "gdm-fingerprint" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:382 +msgid "gdm-password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:387 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:392 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:401 +msgid "ad_gpo_map_remote_interactive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:404 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the RemoteInteractiveLogonRight and " +"DenyRemoteInteractiveLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:419 +#, no-wrap +msgid "" +" ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:410 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>sshd</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:427 +msgid "sshd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:436 +msgid "ad_gpo_map_network (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:439 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the NetworkLogonRight and " +"DenyNetworkLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:454 +#, no-wrap +msgid "" +" ad_gpo_map_network = +my_pam_service, -ftp\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>ftp</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:462 +msgid "ftp" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:467 +msgid "samba" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:476 +msgid "ad_gpo_map_batch (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:479 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " +"policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:494 +#, no-wrap +msgid "" +" ad_gpo_map_batch = +my_pam_service, -crond\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:485 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for this logon right (e.g. " +"<quote>crond</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:502 +msgid "crond" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:511 +msgid "ad_gpo_map_service (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:514 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access " +"control is evaluated based on the ServiceLogonRight and " +"DenyServiceLogonRight policy settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:528 +#, no-wrap +msgid "" +" ad_gpo_map_service = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:520 sssd-ad.5.xml:585 +msgid "" +"It is possible to add a PAM service name to the default set by using <quote>" +"+service_name</quote>. Since the default set is empty, it is not possible " +"to remove a PAM service name from the default set. For example, in order to " +"add a custom pam service name (e.g. <quote>my_pam_service</quote>), you " +"would use the following configuration: <placeholder type=\"programlisting\" " +"id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:538 +msgid "ad_gpo_map_permit (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:541 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always granted, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:555 +#, no-wrap +msgid "" +" ad_gpo_map_permit = +my_pam_service, -sudo\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:546 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in " +"order to replace a default PAM service name for unconditionally permitted " +"access (e.g. <quote>sudo</quote>) with a custom pam service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:563 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:568 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:577 +msgid "ad_gpo_map_deny (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:580 +msgid "" +"A comma-separated list of PAM service names for which GPO-based access is " +"always denied, regardless of any GPO Logon Rights." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:593 +#, no-wrap +msgid "" +" ad_gpo_map_deny = +my_pam_service\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:603 +msgid "ad_gpo_default_right (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:606 +msgid "" +"This option defines how access control is evaluated for PAM service names " +"that are not explicitly listed in one of the ad_gpo_map_* options. This " +"option can be set in two different manners. First, this option can be set to " +"use a default logon right. For example, if this option is set to " +"'interactive', it means that unmapped PAM service names will be processed " +"based on the InteractiveLogonRight and DenyInteractiveLogonRight policy " +"settings. Alternatively, this option can be set to either always permit or " +"always deny access for unmapped PAM service names." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:619 +msgid "Supported values for this option include:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:623 +msgid "interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:628 +msgid "remote_interactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:633 +msgid "network" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:638 +msgid "batch" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:643 +#, fuzzy +#| msgid "services" +msgid "service" +msgstr "服务" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:648 +msgid "permit" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ad.5.xml:653 +msgid "deny" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:659 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: deny" +msgstr "默认: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:668 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -6414,29 +6884,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:353 +#: sssd-ad.5.xml:698 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:712 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:419 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:764 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:422 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:767 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:449 +#: sssd-ad.5.xml:794 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6444,7 +6914,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:456 +#: sssd-ad.5.xml:801 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -6459,7 +6929,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:476 +#: sssd-ad.5.xml:821 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6468,7 +6938,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:817 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -6476,10 +6946,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:482 +#: sssd-ad.5.xml:827 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " -"configured, the default access provider is <quote>permit</quote>." +"configured, the default access provider is <quote>permit</quote>. Please " +"note that if you configure an access provider other than <quote>ad</quote>, " +"you need to set all the connection parameters (such as LDAP URIs and " +"encryption details) manually." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> @@ -6855,24 +7328,27 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." +"Tells the SSSD to simulate offline operation for the duration of the " +"<quote>offline_timeout</quote> parameter. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 +#: sssd.8.xml:182 msgid "SIGUSR2" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 +#: sssd.8.xml:185 msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." +"Tells the SSSD to go online immediately. This is useful for testing. The " +"signal can be sent to either the sssd process or any sssd_be process " +"directly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 +#: sssd.8.xml:197 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." @@ -8039,13 +8515,49 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:162 +#, fuzzy +#| msgid "" +#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" +#| "replaceable>" msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"<option>-h</option>,<option>--ssh-host</option> <replaceable>hostname</" "replaceable>" msgstr "" +"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" +"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:167 +msgid "Invalidate SSH public keys of a specific host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:173 +#, fuzzy +#| msgid "" +#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" +#| "replaceable>" +msgid "<option>-H</option>,<option>--ssh-hosts</option>" +msgstr "" +"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" +"replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:177 +msgid "" +"Invalidate SSH public keys of all hosts. This option overrides invalidation " +"of SSH public keys of specific host if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:185 +msgid "" +"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:190 msgid "Restrict invalidation process only to a particular domain." msgstr "" @@ -8342,6 +8854,145 @@ msgstr "" msgid "Default: not set. Only the default set of POSIX attributes is allowed." msgstr "" +#. type: Content of: <reference><refentry><refentryinfo> +#: sss_rpcidmapd.5.xml:8 +msgid "" +"<productname>sss rpc.idmapd plugin</productname> <author> <firstname>Noam</" +"firstname> <surname>Meltzer</surname> <affiliation> <orgname>Primary Data " +"Inc.</orgname> </affiliation> <contrib>Developer (2013-2014)</contrib> </" +"author> <author> <firstname>Noam</firstname> <surname>Meltzer</surname> " +"<contrib>Developer (2014-)</contrib> <email>tsnoam@gmail.com</email> </" +"author>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_rpcidmapd.5.xml:26 sss_rpcidmapd.5.xml:32 +#, fuzzy +#| msgid "sss_groupmod" +msgid "sss_rpcidmapd" +msgstr "sss_groupmod" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_rpcidmapd.5.xml:33 +msgid "sss plugin configuration directives for rpc.idmapd" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:37 +msgid "CONFIGURATION FILE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:39 +msgid "" +"rpc.idmapd configuration file is usually found at <emphasis>/etc/idmapd." +"conf</emphasis>. See <citerefentry> <refentrytitle>idmapd.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more information." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:49 +msgid "SSS CONFIGURATION EXTENSION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:51 +msgid "Enable SSS plugin" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:53 +msgid "" +"In section <quote>[Translation]</quote>, modify/set <quote>Method</quote> " +"attribute to contain <emphasis>sss</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sss_rpcidmapd.5.xml:59 +msgid "[sss] config section" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sss_rpcidmapd.5.xml:61 +msgid "" +"In order to change the default of one of the configuration attributes of the " +"<emphasis>sss</emphasis> plugin listed below you will need to create a " +"config section for it, named <quote>[sss]</quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> +#: sss_rpcidmapd.5.xml:67 +msgid "Configuration attributes" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sss_rpcidmapd.5.xml:69 +msgid "memcache (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sss_rpcidmapd.5.xml:72 +msgid "Indicates whether or not to use memcache optimisation technique." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_rpcidmapd.5.xml:85 +msgid "SSSD INTEGRATION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:87 +msgid "" +"The sss plugin requires the <emphasis>NSS Responder</emphasis> to be enabled " +"in sssd." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:91 +msgid "" +"The attribute <quote>use_fully_qualified_names</quote> must be enabled on " +"all domains (NFSv4 clients expect a fully qualified name to be sent on the " +"wire)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_rpcidmapd.5.xml:103 +#, no-wrap +msgid "" +"[General]\n" +"Verbosity = 2\n" +"# domain must be synced between NFSv4 server and clients\n" +"# Solaris/Illumos/AIX use \"localdomain\" as default!\n" +"Domain = default\n" +"\n" +"[Mapping]\n" +"Nobody-User = nfsnobody\n" +"Nobody-Group = nfsnobody\n" +"\n" +"[Translation]\n" +"Method = sss\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:100 +msgid "" +"The following example shows a minimal idmapd.conf which makes use of the sss " +"plugin. <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <refsect1><title> +#: sss_rpcidmapd.5.xml:120 include/seealso.xml:2 +msgid "SEE ALSO" +msgstr "另见" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_rpcidmapd.5.xml:122 +msgid "" +"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>idmapd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>" +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 msgid "sss_ssh_authorizedkeys" @@ -9172,11 +9823,6 @@ msgid "" "local LDB storage to store users and groups." msgstr "" -#. type: Content of: <refsect1><title> -#: include/seealso.xml:2 -msgid "SEE ALSO" -msgstr "另见" - #. type: Content of: <refsect1><para> #: include/seealso.xml:4 msgid "" @@ -9217,7 +9863,9 @@ msgid "" "manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> " "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>. <citerefentry> " +"<refentrytitle>sss_rpcidmapd</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>" msgstr "" #. type: Content of: <listitem><para> -- cgit